• Network Security
• Intercept
• VoIP

Voice over IP

Voice over IP (VoIP) is a promising source of new profits as broadband deployments proliferate. However, as carriers begin their migration to VoIP, they are faced with a host of emerging issues.

Whereas traditional circuit-switched calls are made using an end-to-end managed network with little need for security controls, VoIP calls pose new challenges to the service quality and reliability to which people are accustomed. Key considerations include:

• How do you detect and manage illegal VoIP traffic to help recover lost toll revenue and improve network bandwidth utilization?
• How do you detect and mitigate security threats and anomalies that interfere with call transmission, damage network elements or enable fraud?
• How do you cost-effectively manage the QoS and reliability of VoIP services while maintaining the flexibility to respond to market demands?
• How can you rapidly provision VoIP services to new and existing users, without disrupting service?
• How can you create targeted product offerings that meet the needs of individual subscribers?

NarusInsight provides complete, real-time insight into all of the IP traffic from the network to the applications, powering the following capabilities:

• VoIP Identification and Mitigation: Detect VoIP traffic in real time, classify, analyze and mitigate gray or unmanaged VoIP traffic.
• VoIP Security: Detect and mitigate worms, viruses, DOS and DDOS attacks and other malicious traffic including layer 7 attacks.
• VoIP Intercept: Provide detailed, real-time traffic information required to manage consistent quality of VoIP service, and enforce policy.

VoIP Identification and Mitigation via the NarusInsight Traffic Management Suite

The NarusInsight Traffic Management Suite uses patented technology to identify VoIP traffic independent of source. It correlates VoIP records to identify this traffic by network addresses, protocol type and packet statistics, pinpointing offending gateway address ranges and collecting and reporting detailed statistics on the gateways and associated traffic. Utilizing NTMS, service providers can minimize revenue loss and excessive bandwidth consumption due to unmanaged VoIP traffic.

VoIP Security via the NarusInsight Secure Suite

VoIP and other real-time IP services are subject to an emerging breed of new threats, anomalies and fraudulent acts. Not only can the NarusInsight Secure Suite detect and mitigate common threats like DoS, DDoS, worms and viruses, but also Layer 7 and service attacks. NarusInsight Secure Suite detects VoIP-specific attacks such as:

• Scanning or "blind" flooding attacks aimed at "random" targets, and employed to discover SIP phone devices, proxy servers, registrars, etc.
• Targeted flooding attacks employing high-intensity or repeated packets
• Call hijacking or "man in the middle" attacks by intruders attempting to take control of a call
• Exploit (buffer overflow, SIP, etc.) attacks designed to exploit vulnerabilities in VoIP or SIP implementations

NarusInsight Secure Suite combats these risks by detecting and identifying traffic anomalies early so administrators can either mitigate them manually via Micromuse or ArcSight, or automatically via Cisco Guard.

VoIP Intercept via the NarusInsight Intercept Suite

The NarusInsight Intercept Suite features full reconstruction and playback of VoIP and other streaming media, in addition to the rendering of Web pages, examination of e-mails and the ability to analyze the payload/attachments of e-mail or file transfer protocols. NIS seamless integration with the NSS or other DDoS, intrusion or anomaly detection systems, securely providing analysts with real-time, surgical targeting of suspect information (from flow to application to full packets).