Acme Packet, provider of session border control solutions, announced enhancements to its Net-Net SBCs used by large enterprises and contact centers. These features deliver new security, session control, quality assurance and regulatory compliance capabilities designed for IP interactive communications across enterprise and contact center network borders.
According to a number of recent research reports, a majority of enterprises and contact centers are in some stage of VoIP deployment. Many are early stage trial deployments attempting to work through the many security, interoperability, quality and compliance issues associated with the transition. To resolve these issues, they are looking to SBCs to protect against denial of service (DoS) and signaling overload security threats, alleviate protocol, codec and encryption interoperability issues, assure session quality and enable regulatory compliance.
The SBCs leverage real-time Deep Packet Inspection (DPI) to analyze and identify traffic anomalies in order to protect against malicious and non-malicious attacks resulting from signaling message floods, registration avalanches, malformed messages and malware attachments. Using Dynamic Trust Management (DTM) and behavioral learning capabilities they define which traffic is allowed and which is denied based on pre-defined policies. For example, the system can differentiate between a flood attack and a registration restart avalanche, denying the former and regulating the latter.
An IDP reporting system provides a detection, collection and reporting architecture that enhances ability to identify, analyze and mitigate potential threats. It allows the administrator to define policies that specify the types and levels of alarms that trigger notification events, with other alarms falling below this threshold simply being logged. For example, in order to protect against denial-of-service attacks a threshold can be defined for the rate of SIP Invite messages from a single source, with the system alerting the administrator when exceeded.
With its ability to carry attachments for valuable uses, SIP-based interactive communications can also be susceptible to proliferating viruses and worms. For example, a voice call sent with a rich media caller ID vCard attachment with the SIP header can act as a Trojan horse that propagates destructive malware throughout a network, adversely affecting all applications. Acme Packet provides a set of tools that combine to protect users, devices and infrastructure against viruses and worms. To deliver this level of protection the SBCs combine DPI capabilities with SIP Header Manipulation Rules (HMR). These policy-driven rules define what is allowed and not allowed, enabling enterprises and contact centers to protect against many types of viruses and worms. For example a rule can be created that removes all header attachments, alleviating a major form of virus and worm propagation.
Spam for Internet Telephony (SPIT) is a potential proble. The SBCs combine behavioral learning with policy-driven session admission control rules. For example, the SBC can identify and block automated calling platforms by analyzing anomalies in the call origination rate from a single source.
The ability to optimally control SIP sessions is a critical component in order to reduce costs and maintain quality. Active support for the SIP Refer method enables contact centers to transfer customer calls within a virtual contact center without involving external IP phone or media gateways, enhancing call reliability and reducing latency.
To further simplify the roll-out of IP communications, Acme Packet has added an LDAP interface that enables enterprises to leverage existing employee databases for user authentication and authorization. This interface eliminates the need to replicate or synchronize data across multiple data stores or perform duplicate data entry.
Many enterprise and contact center deployments require the ability to dynamically select calls for recording. This may be for regulatory compliance purposes or based on procedures that require selective or 100% call recording for quality assurance. The ability of the SBCs to perform call replication reduces the number of devices that enterprises and contact centers have to manage, eliminating costs and decreasing complexity. To further enhance this capability, Acme Packet offers a set of APIs and interfaces that enable integration with external provisioning and post-call processing systems.
More at acmepacket.com.
© 2007 Telecom Reseller. All Rights Reserved.