Q DECT Release: Delivering enhanced OTA Security, deployment automation and much more

Similar documents
Q DECT Release: Built-in sitesurvey, improved handset audio, and DECT server security enhancements.

Spectralink PIVOT & Versity USB Driver V2.0.0

Introduction to PTT. Multicast

Versity Software Update Overview

Spectralink Versity Call Server Redundancy

QNC Best Practices. System Affected. Description. QNC Configuration Procedure. Technical Bulletin CS-18-04

Enabling SSH on CMS 2.x Server

Spectralink Quick Network Connect. Release Notes. Spectralink QNC Software 2.0 January 2017, v2

Cisco Meraki. Spectralink VIEW Certified Configuration Guide

Spectralink CMS Update Procedure for Release

Using Spectralink 84-Series Phones with Microsoft Lync Server 2010

Spectralink PIVOT Smartphone. Barcode Administration Guide

Interoperability Guide

VIEW Certified Configuration Guide. Hewlett-Packard. HP ProCurve Wireless Edge Services zl Module. January 2008 Edition Version C

Interoperability Guide

Field Verified. Configuration Guide. Extricom. Interference-Free Wireless LAN System. January 2008 Edition Version B

Spectralink PTT/Group Paging Audio Packet Format

VIEW Certified Configuration Guide. Colubris Networks Series MultiService Controllers with MAP-320/330 MultiService Access Points

VIEW Certified Configuration Guide. BelAir Networks. BelAir50, BelAir100, BelAir200. January 2008 Edition Version D

EAP-TLS Applying client certificates to 84 Series handsets

VIEW Configuration Guide. Cisco. 1131, 1232 and 1242 Autonomous APs. June 2010 Edition Version D

Spectralink VIEW Certified Configuration Guide. Aruba Networks. Aruba Instant APs IAP-11x, 20x, 21x, 22x

VIEW Certified Configuration Guide. Cisco

NetLink Components NetLink Telephony Gateway NetLink SVP Server NetLink Wireless Telephones

Field Verified. Configuration Guide. Proxim ORiNOCO. AP-600b, AP-600g, AP-700, AP-2000, AP January 2008 Edition Version H

LinkPlus Interface Guide

Spectralink 7202, User Guide

VIEW Certified Configuration Guide. Extreme Networks. Summit WM 100, 1000 Wireless Controllers with Altitude AP

LinkPlus Interface Guide

Polycom KIRK Wireless Servers. Product Portfolio Reference Guide

Polycom KIRK Wireless Servers. Product Portfolio Reference Guide

LinkPlus Interface Guide

October J. Polycom Cloud Services Portal

Interoperability Guide

Versity Deployment Guide

LinkPlus Interface Guide

Cisco Unified Communications Manager (CUCM)

Installation and Configuration Tool (SLIC)

SCS Configuration Guide for Skype for SIP. Issue 1.0

VIEW Certified Configuration Guide. Motorola. WS 2000 with AP 300. January 2008 Edition Version C

VIEW Certified Configuration Guide. Nortel. WLAN Security Switch 2300 Series with AP January 2008 Edition Version F

2100/2500/4400/5500/7500/8500 Series WLC (Wireless LAN Controller),

Spectralink IP-DECT Server 200/400/6500 and DECT Server 2500/8000. Provisioning Guide IG, Edition 9.0 April 2018, Original document

Enterasys Networks. VIEW Certified Configuration Guide. Enterasys C20, C20N, C2400, C4110, C5110 with AP 3605, 3610, 3620, 3630, 3640

Quick Barcode Connector

Spectralink Quick Network Connect. Administration Guide. Version 2.0.xx

Spectralink IP-DECT Server 200/400/6500 and DECT Server 2500/8000. Provisioning Guide IG, Edition 12.0 March 2019, Original document

Cisco Unified Communications Manager (CUCM)

Polycom VVX Business Media Phones Portfolio

Installation and Configuration Guide

Polycom Updater Release Notes

Virtual Office. Group Call Pickup. Version 1.0. Revision 1.0

Polycom VVX Business Media Phones Portfolio

SCS 4.0 SIP Trunking Configuration Guide for Skype Connect. Issue 1.0

Spectralink 84-Series Wireless Telephone. User Guide

Polycom Updater Release Notes Applies to SoundStation IP 6000 and IP 7000

Security Advisory Relating to OpenSSL Vulnerability Heartbleed on Various Polycom Products

July 2017 Product Shipping Configuration Change Notice

Polycom VoxBox Bluetooth/USB Speakerphone

Business IP wireless DECT solutions. Enhancing communications. Increasing freedom.

Interoperability Guide

Interoperability Guide

Polycom RealPresence Media Manager

2100/2500/4400/5500/7500/8500 Series WLC (Wireless LAN Controller),

ProSys The Power of ProSys

MSM320, MSM410, MSM422, MSM430,

DeltaV Mobile. Introduction. Product Data Sheet September DeltaV Distributed Control System

May 2014 Product Shipping Configuration Change Notice

October /RPP. Using. unications

My Instant Communicator for iphone

Paging and Loud Ringing with VVX600 and Algo 8180

Polycom Interoperability with BlueJeans

Spectralink IP-DECT Server 400 and 6500 and Microsoft Lync Server Configuration Guide

Spectralink 72x2-Series Release Notes Q3, 2018 Firmware Version PCS 18D

Interoperability Guide

1.0.0 December A. Polycom VoxBox Bluetooth/USB Speakerphone

Polycom RealConnect for Microsoft Teams

Polycom RealPresence Group Series with BroadSoft

SpectraLink 8002, e340/h340/i640 Wireless Telephone Configuration Cradle

Application Notes for Polycom Trio Conference Phones and Avaya IP Office TM Issue 1.0

LinkPlus Interface Guide Inter-Tel Eclipse

Application Notes for Versay CUE Analytics with Avaya Aura Experience Portal Release Issue 1.0

RING CENTRAL CONFIGURATION GUIDE: V3.1 PAGING SERVER

Open Applications Interface (OAI) Installation and Setup

Polycom RealConnect for Office 365

Application Notes for Packet One SIP Trunk System Version 3.1 Interoperability with Avaya Software Communication System Release Issue 1.

Polycom VoxBox Bluetooth/USB Speakerphone

Using Polycom Unified Communications in Microsoft Environments

Application Notes for Configuring Fonolo In-Call Rescue with Avaya IP Office Server Edition using SIP Trunks Issue 1.0

1.0 October A. Polycom RealPresence Group Series with BlueJeans Relay

Communication Solutions. KX-NSX Series The new business communication server

Application Notes for Spectralink DECT Server 2500/8000 with Avaya Aura Communication Manager and Avaya Aura Session Manager - Issue 1.

December A. Before You Begin...3

Explore the Polycom VVX Business Media Phones and the Polycom Trio Conference Phone Family, Skype for Business Editions

Polycom RealAccess, Cloud Edition

Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors

ESS Utility Android App User Guide

IP ADVANCED RADIO SYSTEM FAQ

Synchronization and Deployment Guide

ipad in Business Mobile Device Management

Transcription:

Q3-2018 DECT Release: Delivering enhanced OTA Security, deployment automation and much more This technical bulletin reviews the new DECT Q3 2018 Software Release including key enhancements such as; early encryption and regular cipher key exchanges for added voice and data protection over radio links, support for redirection service to achieve near zero-touchprovisioning and increased support for operation behind NATs and Firewalls, plus all the general service updates. Full Technical Release Notes are available when you download the Software. System Affected All DECT servers, IP-DECT servers and handsets. Key IP-DECT Server & Handset Security Enhancements DECT OTA Security (Step A) 7000 Series Handsets Available on handsets including 7502 entry level handset, 75-Series, 76-Series and 77-Series handsets, Step-A, the new DECT Security Standards, provides enhanced level of OTA encryption including early encryption during call setup and cipher key exchanges at short regular intervals during calls, providing one of the highest levels of DECT security and delivering greater security between DECT base stations and the mentioned DECT handsets. In addition, with the implementation of this DECT Security Standards, there is now a monitoring function, enabling the monitoring of the DECT server security from the handset. This function notifies users via their handsets if there is a change in the security state of the system during normal operation. With the feature enabled, when security state of the server changes - the handset will automatically inform the users that the system security has changed state, and that

the user needs to restart the handsets to continue normal operation. Any calls made from this point onwards will be disconnected after 15 seconds, until the handset is restarted. Note: The new DECT security implementation is only available on our feature handsets 75x2, 76x2 and 77x2, but NOT on the base level 72x2 series. IP-DECT Servers For the IP-DECT server portfolio, including the 200, 400 and 6500 servers extensive work has been completed for this software release to introduce DECT Security (Step A) Standards, where the encryption is enhanced and improved ways of exchanging cipher keys for encryption has been introduced. Figure 1 - DSAA and DSC are the authentication and encryption algorithms defined in the DECT security standard ETSI EN 300 175-7 applicable for DECT security and DECT security step A. Step-A has been introduced by the DECT standards body to correct certain known vulnerabilities in the standard to ensure enhanced security. October 17, 2018 2

In addition to early encryption, authentication of handsets, and a whole host of security features have been introduced, including the cipher keys renewal every 60 seconds throughout a call, enhancing the DECT encryption between the IP-DECT base stations and DECT handsets over AIR. For details see table below. Table 1 Security features DECT Step-A O means Optional and M means Mandatory It should be noted that any DECT subscription on the IP-DECT server is, by default, only allowed to be open for up to 120 seconds or until a handset is subscribed. However, this setting can be disabled in the IP-DECT servers via the web GUI to speed up and enable DECT subscriptions. Note: Due to the way the DECT Security (Step-A) standard is defined and described, any system that has this feature enabled becomes more sensitive to signal noise meaning the need to have a much better coverage becomes more important. Hence, customers who wants to use DECT security (Step-A) MUST ensure to have Site-Survey for radio coverage done professionally with DECT security (Step-A) set to ON prior to the actual Base Station deployments. Please reach out to Spectralink support, or contact our professional services to arrange for Site-survey. For further information regarding DECT Security (Step A) Standards please click here: DECT Security Certification October 17, 2018 3

NAT Keepalive to support ITSP/UCaaS providers New Features for both DECT and IP-DECT Servers Due to a significant growth in cloud based UC/UCaaS offerings from ITSPs and all leading telephony solution providers it has been identified that there are often issues with CPE kits being deployed behind firewalls/nats and NAT traversal is required for all operations. In order to proactively address this issue - Spectralink has introduced support for using SIP OPTIONS in addition to CRLF techniques for achieving NAT traversals as a new NAT keepalive option for both DECT and IP-DECT servers to help DECT systems stay connected to cloud based UC/UCaaS platforms even when behind standard enterprise routers/firewalls. By selecting the NAT keepalive interval, small packets are sent at regular selectable intervals, between 10 and 30 seconds, to keep the NAT from closing the port and changing the internal port mapping ensuring smooth operation of incoming/outgoing calls. ICE Enhancement Supporting Polycom Call Hold or Transfers Enhancement to Interactive Connectivity Establishment (ICE) protocol for NAT traversal has also been implemented where ICE candidates are no longer treated as unique. This also helps to ensure that during all conversations between Polycom VVX phones and Spectralink servers/handsets the Polycom phones correctly display the call hold/transfer mid-call operation softkeys. MAC address based authentication for UCaaS poviders All DECT servers and IP-DECT servers now also have the ability to optionally add the systems MAC Address to ALL SIP Message headers. UC/UCaaS and Service Providers that want to protect their platforms from possible DoS attacks can now, as part of admission control, use the MAC address to further authenticate that the SIP messages are arriving from their legitimate users (customers) and allow the SIP messages through using MAC address as a security token. New DECT Handsets Functionality Missed Call Notification Any missed calls, including a second call arriving while a user is busy on another call, is now displayed on the handset LCD screen when the current user finishes the call. This is to ensure that the user is aware of the missed call and can respond accordingly. October 17, 2018 4

Redirection Service for Zero-Touch Provisioning In order to simplify and support near zero-touch-provisioning of IP-DECT servers Spectralink has launched a cloud based redirection service that can be used by Spectralink channel partners, ITSP & traditional communication service providers looking to automate deployment of thousands of IP-DECT servers, and finally large end-customers looking to deploy hundreds of sites. The process simply requires that each IP-DECT server is registered with the Redirection Service online together with a target Provisioning server where the relevant IP-DECT server can find all its configuration settings as well as any firmware that needs to be rolled out for the particular site deployment. Figure 2 - Automating deployment using Redirection services When the DECT server starts if it doesn t receive or find the local provisioning server url either via DHCP option 66, or via manual web GUI entry to the DECT server - it searches for and connects to the global Spectralink Redirection & Provisioning server services (SRPS) portal. The SRPS receives unique identity information from each DECT server (typically MAC address, & P- ID) and based on a database lookup based on these specific fields of data previously entered into the SRPS database the SRPS provides back to the DECT server a url that points the DECT server to the correct & relevant Provisioning server deployed by Spectralink or a specific partner or customer. The DECT server then reaches out and connects securely to the specified url and downloads all relevant firmware, configuration and user settings as part of configuration and provisioning update. The partner provisioning server can also provide approved DECT server firmware, base station firmware, media resource firmware, and DECT handset firmware for easy firmware release management & roll-out. October 17, 2018 5

Using Spectralink SRPS Redirection services platform together with partner Provisioning servers - it should no longer be necessary for channel partners to unpack, configure and then repack a DECT server before shipping to the end-customer. This greatly simplifies mass deployment by automatic configuration, and saves a lot of time and resources for Spectralink partners achieving what is termed as near Zero-Touch provisioning. If you would like to use the redirection service please reach out to the support team to get credentials so that you can log into the system and start saving time and automating your DECT server deployments. New DECT Server Functionality Lone-Worker Test Automation via XML-RPC API New implementations into the XML-RPC interface to the DECT servers have been added to support self-testing in the handset, allowing users to test different sensors, buttons and functionality. The handset can be told to initiate the testing and the conclusion of the testing the handset can display the results which can be collected by AIMS partner solutions offering lone-worker support to show successful completion of testing prior to lone-worker functionality use. New IP-DECT Server Functionality Software Assurance License Starting with Q3 2018 IP-DECT Server Software Release all IP-DECT servers can now track a Software Assurance license key to ensure that all IP-DECT servers are registered and customers have the ability to continue to receive future software releases and service updates in order to ensure that the platform continues to run using the latest firmware releases, runs with the latest technology mobility solutions, and has the latest software security enhancements. Further information regarding Software Assurance will be communicated by Spectralink shortly. Figure 3 - IP-DECT Servers with software assurance October 17, 2018 6

New Files in Exported Logs With the, new files can be found in the exported log, including; a HTML Page with Licensing information, a screenshot of the WEB GUI licence page, with full names of the licenses and the license codes. General DECT Handset Solution Enhancements Site Survey and Free Channels With the it is now possible to see all channels and timeslots, including the dummy bearer channel and the two side channels which previously were not visible from the handsets. This is to ensure improved site troubleshooting for onsite technical staff. Bluetooth Headset and Answer Button Updates To overcome issues with some Bluetooth headsets, Spectralink has introduced new protocol within the DECT handsets, to recognise the Bluetooth headset when it connects to ensure audio is immediately played through the headset when answer button is selected. Note that Bluetooth option is available in only selected model handsets. Local Language Contact Sorting in Phonebook. With the the Phonebook can now be used to correctly sort contacts in non-english language as well improving the ability for non-english speakers to sort phonebook using the language of their choice. General IP-DECT Server Solution Enhancements GAP Handsets Improved support for dial and ringback tones on some GAP handsets has been added along with reject reason information, if a call fails during authentication. For details on these and ALL other enhancements and corrections please ensure that you also read and review the relevant product release notes available via Spectralink s support site. October 17, 2018 7

Document Status Sheet Document Control Number: CS-18-08 Document Title: Q3 2018 DECT Release delivering key OTA Security Standard ehancements and much much more Revision History: I01 Released 10, 16, 2018 Date: 10-16-2018 Status: Draft Issued Closed Distribution Status: Author Only Internal Partner Public October 17, 2018 8

Copyright Notice 2018 Spectralink Corporation All rights reserved. Spectralink TM, the Spectralink logo and the names and marks associated with Spectralink s products are trademarks and/or service marks of Spectralink Corporation and are common law marks in the United States and various other countries. All other trademarks are property of their respective owners. No portion hereof may be reproduced or transmitted in any form or by any means, for any purpose other than the recipient s personal use, without the express written permission of Spectralink. All rights reserved under the International and pan-american Copyright Conventions. No part of this manual, or the software described herein, may be reproduced or transmitted in any form or by any means, or translated into another language or format, in whole or in part, without the express written permission of Spectralink Corporation. Do not remove (or allow any third party to remove) any product identification, copyright or other notices. Notice Spectralink Corporation has prepared this document for use by Spectralink personnel and customers. The drawings and specifications contained herein are the property of Spectralink and shall be neither reproduced in whole or in part without the prior written approval of Spectralink, nor be implied to grant any license to make, use, or sell equipment manufactured in accordance herewith. Spectralink reserves the right to make changes in specifications and other information contained in this document without prior notice, and the reader should in all cases consult Spectralink to determine whether any such changes have been made. NO REPRESENTATION OR OTHER AFFIRMATION OF FACT CONTAINED IN THIS DOCUMENT INCLUDING BUT NOT LIMITED TO STATEMENTS REGARDING CAPACITY, RESPONSE-TIME PERFORMANCE, SUITABILITY FOR USE, OR PERFORMANCE OF PRODUCTS DESCRIBED HEREIN SHALL BE DEEMED TO BE A WARRANTY BY SPECTRALINK FOR ANY PURPOSE OR GIVE RISE TO ANY LIABILITY OF SPECTRALINK WHATSOEVER. Warranty The Product Warranty and Software License and Warranty and other support documents are available at http://support.spectralink.com. Contact Information US Location Denmark Location UK Location +1 800-775-5330 +45 7560 2850 +44 (0) 20 3284 1536 Spectralink Corporation Spectralink Europe ApS Spectralink Europe UK 2560 55th Street Bygholm Soepark 21 E Stuen 329 Bracknell, Doncastle Road Boulder, CO 80301 8700 Horsens Bracknell, Berkshire, RG12 8PE USA Denmark United Kingdom info@spectralink.com infoemea@spectralink.com infoemea@spectralink.com October 17, 2018 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback