Acme Packet has enhanced its “Net-Net” session border controllers (SBCs) for large enterprises and contact centers with new features that deliver new security, session control, quality assurance and regulatory compliance capabilities.
The enhancements are aimed at further optimizing the delivery of IP interactive communications — voice, video, and multimedia collaboration — across enterprise and contact center IP network borders.
Specifically, the latest enhancements target four critical capabilities:
- b>Intrusion Detection & Prevention (IDP) reporting —
Acme Packet’s Net-Net SBC leverages its real-time Deep Packet Inspection (DPI) capabilities to analyze and identify traffic anomalies in order to protect against malicious and non-malicious attacks resulting from signaling message floods, registration avalanches, malformed messages and malware attachments. Using its Dynamic Trust Management (DTM) and behavioral learning capabilities the Net-Net SBCs define which traffic is allowed and which is denied based on pre-defined business and network policies. For example, the system can differentiate between a flood attack and a registration restart avalanche, denying the flood attack and regulating the registration restarts.Acme Packet said its new IDP reporting system provides a comprehensive detection, collection and reporting architecture that enhances the enterprise’s ability to identify, analyze and mitigate potential threats. The IDP reporting system allows the administrator to define policies that specify the types and levels of alarms that trigger notification events, with other alarms falling below this threshold simply being logged. For example, in order to protect against denial of service attacks the administrator can define a threshold for the rate of SIP INVITE messages from a single source, with the system alerting the administrator when exceeded.
- Anti-virus, worm and SPIT protection — Acme Packet warns that SIP-based interactive communications can also be susceptible to proliferating viruses and worms because of header attachments. For example, a voice call sent with a rich media caller ID vCard attachment with the SIP header can act as a Trojan horse that propagates destructive malware throughout a network, adversely affecting all applications. Acme Packet provides a set of tools to protect users, devices and infrastructure against viruses and worms. To deliver this level of protection the Net-Net SBCs combines its DPI capabilities with SIP Header Manipulation Rules (HMR). These policy-driven rules define what is allowed and not allowed, enabling enterprises and contact centers to automate the protection process against many types of viruses and worms. For example a rule can be created that removes all header attachments, alleviating a major form of virus and worm propagation.
Spam for Internet Telephony (SPIT) is a potential problem once many different VoIP networks are interconnected that could result in a SPAM-like plague of unsolicited calls and voicemails. To identify and prevent SPIT, Acme Packet SBCs combine behavioral learning with policy-driven session admission control rules. For example, the Net-Net SBC can identify and block automated calling platforms by analyzing anomalies in the call origination rate from a single source.
- SIP session control — SIP REFER & LDAP interface support
Active support for the SIP REFER method enables contact centers to transfer customer calls within a virtual contact center without involving external IP phone or media gateways, enhancing call reliability and reducing latency. Acme Packet has added an LDAP interface that enables enterprises to leverage existing employee databases for user authentication and authorization. This interface eliminates the need to replicate or synchronize data across multiple data stores or perform duplicate data entry. - Call replication for call recording — Many enterprise and contact center deployments require the ability to dynamically select calls for recording. This may be for regulatory compliance purposes or based on business procedures that require selective or 100% call recording for quality assurance. Acme Packet’s SBCs can perform call replication, reducing the number of devices that enterprises and contact centers have to manage, thereby eliminating costs and decreasing complexity.
Separately, Acme Packet announced two major enterprise deployments.
Echopass, which provices hosted contact center services, is deploying Acme Packet Net-Net session border controllers (SBCs) to interconnect its U.S. data centers to its enterprise customers. The Echopass EchoSystem is an end-to-end managed service integration platform that leverages Echopass’ on-demand contact center services and call routing infrastructure with hosted CRM, legacy voice/data network technologies and integrates with other advanced enterprise-class applications all managed by Echopass.
Thing5 L.L.C., a leading provider of voice and data messaging services to the hospitality industry, is using Acme Packet’s Net-Net session border controllers (SBCs) for SIP trunking to multiple service providers for PSTN origination and termination. Thing5’s managed network services support the voice communications of all La Quinta and Extended Stay hotels, supporting over one thousand hotel properties. Acme Packet’s SBCs receive in-bound calls over SIP trunks from several service providers and route them to more than one thousand hotel locations. For outbound calls from the Extended Stay and La Quinta hotels to the PSTN, the Net-Net SBCs load balance calls to different service providers. Acme Packet’s Net-SAFE security architecture provides denial of service (DoS) attack protection, topology hiding and access control, helping to ensure Thing5’s network availability. The Net-Net SBCs also provide hosted NAT traversal for IP phones used by hotel mobile and remote workers.
http://www.acmepacket.com
