Analytics & Insights

Bad actors are constantly looking for the easiest path into corporate networks. While security breaches attributable to SIP may not yet be as widespread (or public) as some high-profile data attacks, that is changing as SIP-based unified communications (UC) adoption grows. Hackers prey on vulnerabilities created with UC implementations. Unfortunately, it is often a lack of understanding of the risks, and subsequent lack of best practices to address potential attack vectors for UC, that will create opportunities for malicious events to occur.

Without proper security on unified communications, an enterprise will only have reactive after-the-fact options when serious threats strike. And this can occur regardless of your UC implementation - appliance or cloud-based. Not only can hackers cause financial loss by accessing corporate data and accounts through a SIP breach, but some would not hesitate to use the same breach to launch other malicious attacks for toll fraud, Denial of Service (DoS) to disrupt operations and demand payment to stop, identity and financial theft, corporate espionage or supporting political agendas. This makes SIP more of a means to an end.

Ribbon provides a new level of security and operational analytics for unified communications. Leveraging well-established concepts of network behavioral analytics from the data world, Ribbon provides analytics and insights for service security and network operations. By establishing a well-defined baseline of what is categorized as “normal” voice and video sessions as well as IP port activity, deviations from this baseline can be quickly identified and mitigated. With access to network data (KPIs and service metrics) and call detail records, it will be possible to get an end-to-end view for network operations, network-wide troubleshooting and alerts on negative service impacts.

Network Operations Analytics

As unified communications (UC) deployments continue their rapid growth, enterprises are searching for turnkey solutions to deliver detailed insights of their IP voice traffic in order to maintain the quality of service their employees and customers expect.

This is where Ribbon's analytics application for network operations steps in. Ribbon has the toolset to proactively collect and analyze performance metrics, faults, packet and CDR data produced by Ribbon network elements such as Session Border Controllers (SBCs), Media Gateways and UC platforms. With this information, Ribbon Analytics can and display aggregate and detailed traffic information, alert on troubles in network or service behavior, and enable drilldown analysis into the network and services. Actionable insights make it possible for you to ensure you meet your QoS and SLAs commitments to your customers.

Network Operations Analytics Features and Benefits

  • Correlation of collected data points from performance metrics, CDRs, packets, faults, logs and alarms.
  • Trending analysis to provide early visibility into service quality issues and identify abnormal peaks.
  • Schedule and automated sending of reports by e-mail, text message, SCP or SFTP.
  • Share the dashboards as static or interactive with others to view or integrate within your web application.
  • Network wide SIP ladder diagrams
  • Custom KPI generation

Security, Network Visibility and Big Data Analytics Solutions

Security Analytics

Behavioral analytics has made a noticeable impact in the overall security threat detection community. However, the Unified Communications (UC)community is still largely underserved regarding behavioral analytics and anomaly detection solutions. With the variety and inherent complexities of SIP and VoIP protocols, UC environments will benefit greatly from the added value of behavioral analytics and anomaly detection to deter or eliminate many types of fraud or theft attacks.

Yet, even with behavioral analytics and anomaly detection, assuring the integrity of UC services usually means an enterprise IT team will need both visibility and control over, a variety of disparate products. Unfortunately, these disparate products will rarely, if ever, interact with each other. Ribbon solves the security isolation issue by taking a unique integrated approach that collects data from multi-vendor network elements and then distributes security policy across various security domain. This also results in the reduction of management replication and greatly reduces the overall threat landscape.

  • Establish a well-defined baseline for what is categorized as “normal” so deviations from this baseline can be quickly identified.
  • Centralize the detection and auto-mitigation of UC attacks and threats
  • Establish a comprehensive and correlated view of attack/threat activity that otherwise evade existing point solutions.
  • Stop toll fraud by continually analyzing call metrics during work and non-work hours.
  • Mitigate complex Telephony Denial of Service (TDoS) attacks
  • Shared security intelligence, with a whitelist implicit deny to reduce attack vectors used to infiltrate your environment.
  • Minimized firewall / SBC configuration issues by sharing enforcement policies