Analytics & Insights

Bad actors are constantly looking for the easiest path into corporate networks. While security breaches attributable to SIP may not yet be as widespread (or public) as some high-profile data attacks, that is changing as  adoption of IP-based unified communications (UC) and Contact Centers (CC) grows. Hackers prey on vulnerabilities created with these implementations. Unfortunately, it is often a lack of understanding of the risks, and subsequent lack of investment in best practices to address potential voice attack vectors, that will create opportunities for malicious events to occur.

Without proper security for UC and CC infrastructure and services, an enterprise will only have reactive after-the-fact options when serious threats strike. And this can occur regardless of your UC and CC implementation - appliance or cloud-based. Not only can hackers cause financial loss by accessing corporate data and accounts through a voice attack vector, but a bad actor can use the same breach to launch other malicious attacks such as Denial of Service (DoS) to disrupt operations 

Ribbon provides a new level of security and operational analytics for UC and CC infrastructure and services. Leveraging well-established concepts of machine learning modeling based upon behavioral analytics, from the data world, Ribbon provides analytics and insights for service security and network operations. By establishing a well-defined baseline of what is categorized as “normal” voice and video sessions as well as IP port activity, deviations from this baseline can be quickly identified and mitigated in real-time. With access to network data (KPIs and service metrics) and call detail records, it will be possible to get an end-to-end view for network operations, network-wide troubleshooting and alerts on negative service impacts.

Network Operations Analytics

As unified communications (UC) deployments continue their rapid growth, enterprises are searching for turnkey solutions to deliver detailed insights of their IP voice traffic in order to maintain the quality of service their employees and customers expect.

This is where Ribbon's analytics application for network operations steps in. Ribbon has the toolset to proactively collect and analyze performance metrics, faults, packet and CDR data produced by Ribbon network elements such as Session Border Controllers (SBCs), Media Gateways and UC platforms. With this information, Ribbon Analytics can and display aggregate and detailed traffic information, alert on troubles in network or service behavior, and enable drilldown analysis into the network and services. Actionable insights make it possible for you to ensure you meet your QoS and SLAs commitments to your customers.

Network Operations Analytics Features and Benefits

  • Correlation of collected data points from performance metrics, CDRs, packets, faults, logs and alarms.
  • Trending analysis to provide early visibility into service quality issues and identify abnormal peaks.
  • Schedule and automated sending of reports by e-mail, text message, SCP or SFTP.
  • Share the dashboards as static or interactive with others to view or integrate within your web application.
  • Network wide SIP ladder diagrams
  • Custom KPI generation

Security, Network Visibility and Big Data Analytics Solutions

Security Analytics For Voice Threat Prevention

Behavioral analytics has made a noticeable impact in the overall security threat detection community. However, the Unified Communications (UC) and Contact Center (CC) community is still largely underserved regarding behavioral analytics and threat detection. With the variety and inherent complexities of SIP and VoIP protocols, UC/CC environments will benefit greatly from the added value of behavioral analytics and threat detection to identify and  prevent many types of fraud or theft.

Yet, even with behavioral analytics and anomaly detection, assuring the integrity of UC/CC services usually means an enterprise IT team will need both visibility and control over, a variety of disparate products. Unfortunately, these disparate products will rarely, if ever, interact with each other for security purposes. Ribbon solves the security isolation issue by taking a unique integrated approach that collects data from multi-vendor network elements and analyzes this data for anomalies that would indicate voice threats.

Identification of potential attacks on an enterprise's UC/CC network or services and the bad actors initiating these attacks is forwarded to Ribbon's cloud-hosted Reputation Scoring service that determines, in real-time, if a given SIP session is likely malicious and what is the ideal policy to mitigate the specific threat.  Policy decisions drive real-time policy enforcement across various security domain, in real-time before a threat disrupts business or causes loss of confidential data or finacial loss. Significant reduction of the overall threat landscape is possible with a voice threat prevention solution that:

  • Establishes a well-defined baseline for what is categorized as “normal” so deviations from this baseline can be quickly identified as potential threats
  • Addresses a wide range of threats, from nuisance calls to toll fraud to complex Telephony Denial of Service (TDoS) attacks
  • Maintains a comprehensive and correlated view of attack/threat activity that would otherwise evade specific point solutions.
  • Incorporates potential threat information into machine learning models to assess the likelihood that any potential call attempt is malicious
  • Delivers real-time reputation scoring and policy decisions for every SIP-based session to thwart attacks and threats on UC/CC networks and services
  • Enables policy enforcement in real-time at Session Border Controllers, anywhere in the UC/CC network
  • Shares security intelligence across security domains to align firewall / SBC configurations for shared enforcement policies