Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Proactively Monitor and Respond to Voice/UC Threats. Harvest Your Maximum Cost Savings Potential.
SecureLogix® Managed Security Service for Voice
The SecureLogix® Managed Security Service for Voice is your quickest, most economical, and assured path to complete voice/UC network protection, fraud and financial loss prevention, optimized voice service quality and expense management, and enhanced organizational productivity through enhanced voice/UC intelligence.
The SecureLogix® Managed Security Service for Voice (MSSV) delivers real-time voice network monitoring, analysis, oversight, and protection provided by expert-level system engineers and analysts. It combines voice/UC threat monitoring and mitigation services with network utilization and usage intelligence. The result is a secure and efficient enterprise UC environment optimized for quality and cost.
MSSV gives you maximum insight into the voice network details needed for managerial decision support. Armed with MSSV, you can see and respond to voice threats that may have been previously unidentified. Regular, monthly reporting delivers cost saving recommendations based on network utilization and usage details. Regular reporting keeps your ROI benefits in perpetual focus, and we continually track our progress in delivering cost savings opportunities to you.
Through the MSSV, you can leverage SecureLogix as an extension of your staff. We can perform targeted investigations, analyze and problem solve around specific issues, produce actionable recommendations, profile new and emerging threats, and build, deploy and manage enterprise-wide voice/UC security and cost management policies.
Our structured, multi-year, iterative MSSV program plan ensures realistic goal attainment. It helps ignite a renewed focus on expense reduction while protecting against severe and costly threats that could not previously be addressed. We
begin with a rigorous program to baseline infrastructure, traffic, and existing vulnerabilities and threats. Transitions to SIP trunking and UC systems can be properly secured, and the operational network can be baselined prior to new system deployment, and measured for post-deployment costs, benefits, and real-world, operational ROI.
MSSV can collect intelligence and implement security policies across any mix of TDM/SIP/UC infrastructure for fully unified, enterprise-wide visibility and control. All customers benefit from specific and generalized intelligence and best practices profiled across other MSSV customers. The SecureLogix MSSV ensures that you receive the maximum benefit from your ETM System investment.
Prevent malicious or unwanted voice traffic to dramatically boost your security, compliance, and cost reduction efforts
360° Perimeter Security
Voice AnAlyticS to reduce FinAnciAl loSSeS And
mAnAge exPenSeS
centrAlized Policy control
unPArAlleled inSight For inFormed deciSion mAking &
Vendor mAnAgement
• Compliments existing data network security solutions and services to complete the enterprise security perimeter. Analysts continually monitor, analyze and block internal financial loss and external attacks targeting traditionally unmonitored voice/UC networks.
• Prevents network security breaches and virus infections via voice/UC infrastructure. Blocks modem attacks, harassing/threatening calls, voice fraud / toll fraud, and voice spam. Can identify and mitigate Telephony Denial of Service (TDoS) attacks and social engineering schemes.
• Transitions to SIP/UC open enterprise to further risk and heightened need for security completeness.
• Provides unique traffic records and recordings for forensics including toll fraud, ISP calls, harassing callers, and social engineering.
• Ensures greater diligence for regulatory compliance
• Reduces costs associated with making point-in-time infrastructure planning, capacity growth, and concurrent call licensing decisions with limited information.
• Reduces telecom expenses by identifying LD abuse and other unauthorized use of corporate voice service and resources.
• Optimizes voice infrastructure and services such as underutilized trunks, fax resources, exhausted SIP sessions, and phone extensions. Baselines telecom infrastructure and utilization for most cost effective VoIP/UC migration build-out.
• Data is regularly collected, analyzed, and presented to MSSV customers to guide business decision making.
• Improves business operations with employee or departmental productivity and efficiency reports showing call volumes, unanswered calls, and other details.
• MSSV team can work proactively to develop voice/UC security and management policies, or react in a timely manner to meet new threats or opportunities.
• Single-point of expert policy design and implementation across TDM and/or SIP environments with real-time ability to implement proactive changes.
• Independent of moves, adds, changes in underlying infrastructure.
• Provides reports across a broad set of performance metrics, grouped into six areas: Security and Safety, Fraud, Resource Utilization, Compliance, Productivity Loss, and Infrastructure Health.
• Reports critical call events that are difficult, if not impossible to detect, with other systems.
• Proactively manages internal and external resources such as Telco contractors, carriers, IT maintenance, accounting support, etc.
• Provides regular report-outs which can be used as base material to manage, direct and inform the broader organization.
PROBLEM SOLUTION
Secure & coSt eFFicient trAnSition to uc
out-tASking And StAFF AugmentAtion
• Analyzes the types, volumes, trending, and traffic patterns of current calls across all your office locations for more cost efficient and right-sized transition to SIP/UC systems and concurrent calls capacity from service providers.
• Maintains centralized, consistent voice/UC policies during transition to SIP/UC.
• Documents real-world, operational savings/ROI from transition to SIP trunking and UC.
• Augments existing IT resources as most effective operators of SecureLogix solution.
• MSSV staff can perform targeted investigations, analyze and problem solve around specific issues, produce actionable recommendations, profile new and emerging threats, and build, deploy and manage enterprise-wide voice/UC security and cost management policies.
• Provides data to audit supplier performance, proactively maintains health and quality of voice/UC network, and responds to threats and emergencies such as calls to 911.
A full range of services to help you achieve maximum ROI
CustomerTechnical Support
Planning &Deployment
Hosting
TACTICALPRODUCT PROFESSIONAL MANAGED STRATEGIC
VALUE / ROI
AssistedOperate
Training Monitoring &Response
Maintenance &Tuning
Out-TaskingSupport
Optimization &Evolution
MSSV
SUPPORT
SERVICES PORTFOLIO
SecureLogix offers a full portfolio of Support, Professional, and Managed Services to help you meet your organization’s voice/UC security and intelligence needs. We offer product centric Support Services, project oriented Professional Service to help customers achieve maximum ROI.
7% 12%
1% 1%
100%
3% 2% 1%
18%
99%
1%
100%
5%
100%
1% 1%
75%
0%
20%
40%
60%
80%
100%
120%
0
10,000
20,000
30,000
40,000
50,000
60,000
70,000
80,000
Site A Site B Site C Site D Site E Site F Site G Site H Site I Site J Site K Site L Site M Site N Site O Site P Site Q
Per
cent
Una
nsw
ered
Cal
l Vol
ume
Inbound Unanswered Calls
Unanswered Calls Unanswered %
0
10000
20000
30000
40000
50000
60000
January February March April May June July August September
Long
Dis
tanc
e C
all V
olum
e
Outbound Long Distance Calls on Customer Switch
1963 1905
5902
10697
0
2000
4000
6000
8000
10000
12000
May June July August
Term
inat
ed C
all V
olum
e
Corporate Facility - Terminated Inbound Calls
248 230
125
240
181 188
92
104
0
50
100
150
200
250
300
350
400
450
500
May June July August
Num
ber o
f Fra
udle
nt C
alls
Proportion of Fraudlent Calls Directed at Contact Center
Elsewhere
Contact Center
ACTIONABLE INSIgHT
Unequalled insight into voice application usage and performance results in clear identification of issues and paths to resolution. Effectiveness of proactive policies are measured to ensure our customers are optimally protected.
Five sites above have unacceptably high
inbound unanswered call rates, affecting customer
satisfaction – typically due to voicemail, iVr or circuit
mis-configuration.
harassing caller termination policy shown to be effectively protecting the customer during a rapidly increasing incidence of aggressive harassing caller campaigns.
our Fraudulent callers database helped this customer identify Social engineering activity in their payments contact center.
real-time alarms can be set to discover incidents such as toll Fraud or to
detect unanticipated effects of network
changes, with ability to measure effectiveness of
remediation program.
DISCOVERY MOBILIZATION ACTUALIZATION CONTINUATION
STARTInitial F/W Update F/W Ongoing F/W Tuning LD over Local Study Detailed ROI Analysis
Initial IPS Update IPS Ongoing IPS Tuning Recover Capacity Unauth Traffic Final Security/ROI Recommendations
Initial Usage Rep Memo Modern Usage
Initial Perf Rep
Modem Registration Modem Blocking
DoS/Spam/Harass DoS/Spam/Harass Blocking
LD, Intl and Local Call Abuse
Toll, DA, Call Abuse
Yr 1 Utilization Yr 2 Utilization
Tie Line Study
Unauth Modem Main Ports
Underused 1FB Memo LD / Intl Usage
Resource UtilizationOngoing Usage Rep Tuning
Ongoing Perf Rep Tuning
MSSV program plan helps your organization with realistic goal attainment.
MSSV PROgRAM PLAN
A structured, multi-year, phased MSSV program plan helps your organization with realistic goal attainment. It begins with a rigorous and scientific program to baseline infrastructure, traffic and existing vulnerabilities and threats.
August 2010
Company X
Voice Network Security & Management 8/17/10
MSSV OPERATIONAL UPDATE
A monthly operational, security and cost savings update package prepared by: SecureLogix Corporation
Direct any ques.ons to: Chad M Finley CISSP Sr. Voice Security Analyst [email protected]
© Copyright 2009 SecureLogix Corpora.on. All Rights Reserved. ETM, SecureLogix, SecureLogix Corpora.on, the ETM Emblem and the SecureLogix Diamond Emblem are trademarks or registered trademarks of SecureLogix Corpora.on in the U.S.A. and other countries. All other trademarks men.oned herein are believed to be trademarks of their respec.ve owners.
MSSV OPERATIONAL UPDATE
Home Office Operational and Security Analysis
Cat. Red
Cat.Yellow
Cat.Green
• Produc3vity Impact: Three extensions combined for 13,979 Unanswered and 7,441 Busy calls. Recommend Ac3on: Verify the extensions are working properly and are s.ll ac.ve.
• Cost Impact: (000)001-‐7426 showed a substan.al devia.on from the normal paZern seen for Interna.onal calling with several long dura.on calls. Recommend Ac3on: Ensure this extension’s calls are business related. Protect against future Interna.onal toll charges via ETM policy if necessary.
• Security Impact: A sandwich shop in Cedar Rapids had 300 minutes of access to a Company X modem. Recommend Ac3on: Create an ETM rule to enhance security for the modem. (2-‐Factor Authen.ca.on)
• Security Impact: Outbound modem calls can be used for a mul.tude of business needs, but they can also be used to exfiltrate data from the Company X network circumven.ng network firewalls, data filters and IPS. Recommend Ac3on: Establish a list of authorized des.na.ons for modems and enforce via ETM policy.
• Cost Impact: 1,681 minutes long, $1,025.41 telephone call to a Nigeria cell phone. Recommend Ac3on: Establish an ETM policy rule to terminate or no.fy on long Interna.onal calls.
• Cost Impact: Site using 1-‐700-‐701-‐xxxx to call local Sites. Na.onal monthly savings of $11,813 Recommend Ac3on: Training employees, pos.ng of local numbers for near-‐by Sites by telephones.
© Copyright 2009 SecureLogix Corpora.on. All Rights Reserved. ETM, SecureLogix, SecureLogix Corpora.on, the ETM Emblem and the SecureLogix Diamond Emblem are trademarks or registered trademarks of SecureLogix Corpora.on in the U.S.A. and other countries. All other trademarks men.oned herein are believed to be trademarks of their respec.ve owners.
MSSV OPERATIONAL UPDATE
RECOMMENDATION: • According to records, (555) 555-‐1490 is the Maintenance Modem
• Determine physical loca.on of this modem and verify opera.on • Since this modem has not func.oned properly in several months, it is possible this modem is not required. Get with caller to see if calls can be discon.nued.
• (555) 555-‐4092 is not properly iden.fied in the Directory • Follow same ac.ons as Modem A above.
• (000) 555-‐9999 answers 38% of all calls, indica.ng this is a ac.ve line. The high number of busy calls suggests more resources may be needed to handle the volume this number experiences.
PRODUCTIVITY IMPACT: • (555) 555-‐1490 and (555) 555-‐4092 were never answered during the month of July despite a combined 18,280 aZempts. • These two numbers always returned either a ring or a busy tone. This indicates a problem on the lines and the number of call aZempts (11,816 on x-‐1490 6,464 on x-‐4092) suggest these are high demand services. • 56% of the calls to 555-‐9999 received a busy tone. The 5,427 calls also indicates this is a high demand service
© Copyright 2009 SecureLogix Corpora.on. All Rights Reserved. ETM, SecureLogix, SecureLogix Corpora.on, the ETM Emblem and the SecureLogix Diamond Emblem are trademarks or registered trademarks of SecureLogix Corpora.on in the U.S.A. and other countries. All other trademarks men.oned herein are believed to be trademarks of their respec.ve owners.
MSSV OPERATIONAL UPDATE
* For informa.on on Nigeria dialing plans hZp://www.howtocallabroad.com/nigeria **For informa.on on Nigeria dialing rates hZp://www.aZ.com/u-‐verse/explore/interna.onal-‐rates.jsp#
COST SAVINGS IMPACT: • 20 outbound calls for 1,769 minutes to Nigerian cell phones* • 3 different source numbers, 3 different des.na.on numbers • 1,681 minutes came on a single $1,025.41 telephone call. • This could be an occurrence of Interna.onal revenue share fraud as defined by the Communica.ons Fraud Control Associa.on. hZp://www.cfca.org/
1,769 minutes $0.61/minute** $1,079.09 Start Time -‐ By Second In/Out Internal Number External Number Dura.on (minutes) Type Call Details Des.na.on Country
7/13/2010 11:15 Outbound [1](555)5554155 [234]()8075126083 1,680.65 Voice INTL Nigeria
RECOMMENDATION: • Use ETM Firewall to limit dura.on of Interna.onal calls
• 8 Interna.onal calls had a dura.on over 4 hours for the month. No other call exceeded 8 hours. • Put a policy in place to either terminate or e-‐mail security, fraud detec.on department, or SecureLogix when an interna.onal call exceeds this limit.
MSSV OPERATIONAL UPDATES
MSSV provides regular project reporting with a focus on analysis over raw data, with a clear linkage to business benefits. We concentrate on key security findings and efficiency/productivity/cost savings opportunities. An executive level format aids rapid decision-making support.
MSSV is your quickest and assured path to complete voice/UC network protection and ROI.
FUNCTIONALITY
VOICE FRAUD— INTERNAL AND
ExTERNAL
VOICE NETWORk SECURITY
RESOURCE UTILIzATION
MSSV provides a portfolio of reports and analysis aimed at delivering important decision making information in a regular and timely manner. The delivery of key findings is organized across six (6) core reporting areas that are the thematic pillars of the service. Each is defined below along with sub-listings of the specific reports and analysis taskings utilized to drive results and value for each service theme.
Reduce financial losses by preventing toll fraud attacks in real-time and detecting and preventing phone-based identity theft and social engineering schemes aimed at stealing customer information:
• Social Engineering
• Long Distance and International Calls
• Firewall and IPS Policy Management
• Unauthorized Toll Calls
• Fax Spam
• Multiple Call Trends
Prevent restricted data network access, misuse and abuse:
• Harassing Callers
• Calls to ISPs
• Firewall and IPS Policy Management
• 911 Policy & Alerts
• Modem Security
• Multiple Call Trends
• Calls to Restricted Numbers
Reduce corporate voice/UC expenses by using resource optimization reports to baseline, right size and plan trunking infrastructure, measure utilization rates for voice/UC resources and services, improve call routing plans, highlight VoIP toll bypass opportunities, and plan the most cost effective VoIP/UC migration build-out:
• Right Size Digital Trunks
• Unused Analog Lines
• Tie Line Study
• Directory Assistance
• Unanswered and busy
• Long Distance and International Calls
• Billing Plans
FEATURE
COMPLIANCE AND DATA-LOSS
PREVENTION
PRODUCTIVITY LOSS
INFRASTRUCTURE HEALTH AND STATUS
Secure the voice/UC network edge from all forms of voice threats including restricted network access, data leakage, customer ID theft, fraud and abuse to help complete the protection of the corporate perimeter and strengthen regulatory security compliance measures
• Modem Registration
• Block Unauthorized Modems
• Regulatory Compliance
• Firewall and IPS Policy Management
• Calls to ISPs
Improve business operations, productivity and training with employee productivity alerts and reports showing call volumes, durations and other details such as lower-than-expected volumes on key resource lines, or traffic patterns for inbound customer calls to aid staffing decisions or efficient call routing
• Excessive Unanswered or Busy
• Calls to Restricted Numbers
• Harassing Callers
• Calls to ISPs
• Long Distance and International Calls
• Business Operations
• Abuse/Misuse/Anomalies
Reduce the effort of your staff to reap the benefits of your ETM System by out-tasking our team of telecommunications professionals to help complete day-to-day voice/UC administration tasks.
• ETM System Administration
• Extension Masking
• Dial Plan
• ETM System Moves, Adds and Changes (MACs)
• Telecom/PBx Alarms
• Directory Management
SecureLogix Corporation 13750 San Pedro Ave.Suite 820San Antonio, Tx 78232
1-800-817-4837securelogix.com
© 2011 SecureLogix Corporation
ETM, TeleWatch Secure, TWSA, We See Your Voice, Unified Communications Policy Manager, SecureLogix, SecureLogix Corporation, as well as the ETM Emblem, SecureLogix Emblem and the SecureLogix Diamond Emblem are trademarks and/or service marks or registered trademarks and/or service marks of SecureLogix Corporation in the U.S.A. and other countries. All other trademarks mentioned herein are believed to be trademarks of their respective owners.
SecureLogix technologies are protected by one or more of the following patents: US 6,226,372 B1, US 6,249,575 B1, US 6,320,948 B1, US 6,687,353 B1, US 6,700,964 B1, US 6,718,024 B1, US 6,735,291 B1, US 6,760,420 B2, US 6,760,421 B2, US 6,879,671 B1, US 7,133,511 B2, US 7,231,027 B2, US 7,440,558 B2, CA 2,354,149, DE 1,415,459 B1, FR 1,415,459 B1, and gB 1,415,459 B1. U.S. Patents Pending.