SecureLogix Managed Security Service for Voice

Proactively Monitor and Respond to Voice/UC Threats. Harvest Your Maximum Cost Savings Potential.

SecureLogix® Managed Security Service for Voice

The SecureLogix® Managed Security Service for Voice is your quickest, most economical, and assured path to complete voice/UC network protection, fraud and financial loss prevention, optimized voice service quality and expense management, and enhanced organizational productivity through enhanced voice/UC intelligence.

The SecureLogix® Managed Security Service for Voice (MSSV) delivers real-time voice network monitoring, analysis, oversight, and protection provided by expert-level system engineers and analysts. It combines voice/UC threat monitoring and mitigation services with network utilization and usage intelligence. The result is a secure and efficient enterprise UC environment optimized for quality and cost.

MSSV gives you maximum insight into the voice network details needed for managerial decision support. Armed with MSSV, you can see and respond to voice threats that may have been previously unidentified. Regular, monthly reporting delivers cost saving recommendations based on network utilization and usage details. Regular reporting keeps your ROI benefits in perpetual focus, and we continually track our progress in delivering cost savings opportunities to you.

Through the MSSV, you can leverage SecureLogix as an extension of your staff. We can perform targeted investigations, analyze and problem solve around specific issues, produce actionable recommendations, profile new and emerging threats, and build, deploy and manage enterprise-wide voice/UC security and cost management policies.

Our structured, multi-year, iterative MSSV program plan ensures realistic goal attainment. It helps ignite a renewed focus on expense reduction while protecting against severe and costly threats that could not previously be addressed. We

begin with a rigorous program to baseline infrastructure, traffic, and existing vulnerabilities and threats. Transitions to SIP trunking and UC systems can be properly secured, and the operational network can be baselined prior to new system deployment, and measured for post-deployment costs, benefits, and real-world, operational ROI.

MSSV can collect intelligence and implement security policies across any mix of TDM/SIP/UC infrastructure for fully unified, enterprise-wide visibility and control. All customers benefit from specific and generalized intelligence and best practices profiled across other MSSV customers. The SecureLogix MSSV ensures that you receive the maximum benefit from your ETM System investment.

Prevent malicious or unwanted voice traffic to dramatically boost your security, compliance, and cost reduction efforts

360° Perimeter Security

Voice AnAlyticS to reduce FinAnciAl loSSeS And

mAnAge exPenSeS

centrAlized Policy control

unPArAlleled inSight For inFormed deciSion mAking &

Vendor mAnAgement

• Compliments existing data network security solutions and services to complete the enterprise security perimeter. Analysts continually monitor, analyze and block internal financial loss and external attacks targeting traditionally unmonitored voice/UC networks.

• Prevents network security breaches and virus infections via voice/UC infrastructure. Blocks modem attacks, harassing/threatening calls, voice fraud / toll fraud, and voice spam. Can identify and mitigate Telephony Denial of Service (TDoS) attacks and social engineering schemes.

• Transitions to SIP/UC open enterprise to further risk and heightened need for security completeness.

• Provides unique traffic records and recordings for forensics including toll fraud, ISP calls, harassing callers, and social engineering.

• Ensures greater diligence for regulatory compliance

• Reduces costs associated with making point-in-time infrastructure planning, capacity growth, and concurrent call licensing decisions with limited information.

• Reduces telecom expenses by identifying LD abuse and other unauthorized use of corporate voice service and resources.

• Optimizes voice infrastructure and services such as underutilized trunks, fax resources, exhausted SIP sessions, and phone extensions. Baselines telecom infrastructure and utilization for most cost effective VoIP/UC migration build-out.

• Data is regularly collected, analyzed, and presented to MSSV customers to guide business decision making.

• Improves business operations with employee or departmental productivity and efficiency reports showing call volumes, unanswered calls, and other details.

• MSSV team can work proactively to develop voice/UC security and management policies, or react in a timely manner to meet new threats or opportunities.

• Single-point of expert policy design and implementation across TDM and/or SIP environments with real-time ability to implement proactive changes.

• Independent of moves, adds, changes in underlying infrastructure.

• Provides reports across a broad set of performance metrics, grouped into six areas: Security and Safety, Fraud, Resource Utilization, Compliance, Productivity Loss, and Infrastructure Health.

• Reports critical call events that are difficult, if not impossible to detect, with other systems.

• Proactively manages internal and external resources such as Telco contractors, carriers, IT maintenance, accounting support, etc.

• Provides regular report-outs which can be used as base material to manage, direct and inform the broader organization.

PROBLEM SOLUTION

Secure & coSt eFFicient trAnSition to uc

out-tASking And StAFF AugmentAtion

• Analyzes the types, volumes, trending, and traffic patterns of current calls across all your office locations for more cost efficient and right-sized transition to SIP/UC systems and concurrent calls capacity from service providers.

• Maintains centralized, consistent voice/UC policies during transition to SIP/UC.

• Documents real-world, operational savings/ROI from transition to SIP trunking and UC.

• Augments existing IT resources as most effective operators of SecureLogix solution.

• MSSV staff can perform targeted investigations, analyze and problem solve around specific issues, produce actionable recommendations, profile new and emerging threats, and build, deploy and manage enterprise-wide voice/UC security and cost management policies.

• Provides data to audit supplier performance, proactively maintains health and quality of voice/UC network, and responds to threats and emergencies such as calls to 911.

A full range of services to help you achieve maximum ROI

CustomerTechnical Support

Planning &Deployment

Hosting

TACTICALPRODUCT PROFESSIONAL MANAGED STRATEGIC

VALUE / ROI

AssistedOperate

Training Monitoring &Response

Maintenance &Tuning

Out-TaskingSupport

Optimization &Evolution

MSSV

SUPPORT

SERVICES PORTFOLIO

SecureLogix offers a full portfolio of Support, Professional, and Managed Services to help you meet your organization’s voice/UC security and intelligence needs. We offer product centric Support Services, project oriented Professional Service to help customers achieve maximum ROI.

7% 12%

1% 1%

100%

3% 2% 1%

18%

99%

1%

100%

5%

100%

1% 1%

75%

0%

20%

40%

60%

80%

100%

120%

0

10,000

20,000

30,000

40,000

50,000

60,000

70,000

80,000

Site A Site B Site C Site D Site E Site F Site G Site H Site I Site J Site K Site L Site M Site N Site O Site P Site Q

Per

cent

Una

nsw

ered

Cal

l Vol

ume

Inbound Unanswered Calls

Unanswered Calls Unanswered %

0

10000

20000

30000

40000

50000

60000

January February March April May June July August September

Long

Dis

tanc

e C

all V

olum

e

Outbound Long Distance Calls on Customer Switch

1963 1905

5902

10697

0

2000

4000

6000

8000

10000

12000

May June July August

Term

inat

ed C

all V

olum

e

Corporate Facility - Terminated Inbound Calls

248 230

125

240

181 188

92

104

0

50

100

150

200

250

300

350

400

450

500

May June July August

Num

ber o

f Fra

udle

nt C

alls

Proportion of Fraudlent Calls Directed at Contact Center

Elsewhere

Contact Center

ACTIONABLE INSIgHT

Unequalled insight into voice application usage and performance results in clear identification of issues and paths to resolution. Effectiveness of proactive policies are measured to ensure our customers are optimally protected.

Five sites above have unacceptably high

inbound unanswered call rates, affecting customer

satisfaction – typically due to voicemail, iVr or circuit

mis-configuration.

harassing caller termination policy shown to be effectively protecting the customer during a rapidly increasing incidence of aggressive harassing caller campaigns.

our Fraudulent callers database helped this customer identify Social engineering activity in their payments contact center.

real-time alarms can be set to discover incidents such as toll Fraud or to

detect unanticipated effects of network

changes, with ability to measure effectiveness of

remediation program.

DISCOVERY MOBILIZATION ACTUALIZATION CONTINUATION

STARTInitial F/W Update F/W Ongoing F/W Tuning LD over Local Study Detailed ROI Analysis

Initial IPS Update IPS Ongoing IPS Tuning Recover Capacity Unauth Traffic Final Security/ROI Recommendations

Initial Usage Rep Memo Modern Usage

Initial Perf Rep

Modem Registration Modem Blocking

DoS/Spam/Harass DoS/Spam/Harass Blocking

LD, Intl and Local Call Abuse

Toll, DA, Call Abuse

Yr 1 Utilization Yr 2 Utilization

Tie Line Study

Unauth Modem Main Ports

Underused 1FB Memo LD / Intl Usage

Resource UtilizationOngoing Usage Rep Tuning

Ongoing Perf Rep Tuning

MSSV program plan helps your organization with realistic goal attainment.

MSSV PROgRAM PLAN

A structured, multi-year, phased MSSV program plan helps your organization with realistic goal attainment. It begins with a rigorous and scientific program to baseline infrastructure, traffic and existing vulnerabilities and threats.

August 2010

Company X

Voice Network Security & Management 8/17/10

MSSV OPERATIONAL UPDATE

A monthly operational, security and cost savings update package prepared by: SecureLogix Corporation

Direct any ques.ons to: Chad M Finley CISSP Sr. Voice Security Analyst [email protected]

© Copyright 2009 SecureLogix Corpora.on. All Rights Reserved. ETM, SecureLogix, SecureLogix Corpora.on, the ETM Emblem and the SecureLogix Diamond Emblem are trademarks or registered trademarks of SecureLogix Corpora.on in the U.S.A. and other countries. All other trademarks men.oned herein are believed to be trademarks of their respec.ve owners.


Home Office Operational and Security Analysis

Cat. Red

Cat.Yellow

Cat.Green

• Produc3vity Impact: Three extensions combined for 13,979 Unanswered and 7,441 Busy calls. Recommend Ac3on: Verify the extensions are working properly and are s.ll ac.ve.

• Cost Impact: (000)001-‐7426 showed a substan.al devia.on from the normal paZern seen for Interna.onal calling with several long dura.on calls. Recommend Ac3on: Ensure this extension’s calls are business related. Protect against future Interna.onal toll charges via ETM policy if necessary.

• Security Impact: A sandwich shop in Cedar Rapids had 300 minutes of access to a Company X modem. Recommend Ac3on: Create an ETM rule to enhance security for the modem. (2-‐Factor Authen.ca.on)

• Security Impact: Outbound modem calls can be used for a mul.tude of business needs, but they can also be used to exfiltrate data from the Company X network circumven.ng network firewalls, data filters and IPS. Recommend Ac3on: Establish a list of authorized des.na.ons for modems and enforce via ETM policy.

• Cost Impact: 1,681 minutes long, $1,025.41 telephone call to a Nigeria cell phone. Recommend Ac3on: Establish an ETM policy rule to terminate or no.fy on long Interna.onal calls.

• Cost Impact: Site using 1-‐700-‐701-‐xxxx to call local Sites. Na.onal monthly savings of $11,813 Recommend Ac3on: Training employees, pos.ng of local numbers for near-‐by Sites by telephones.



RECOMMENDATION: •  According to records, (555) 555-‐1490 is the Maintenance Modem

•  Determine physical loca.on of this modem and verify opera.on • Since this modem has not func.oned properly in several months, it is possible this modem is not required. Get with caller to see if calls can be discon.nued.

•  (555) 555-‐4092 is not properly iden.fied in the Directory •  Follow same ac.ons as Modem A above.

•  (000) 555-‐9999 answers 38% of all calls, indica.ng this is a ac.ve line. The high number of busy calls suggests more resources may be needed to handle the volume this number experiences.

PRODUCTIVITY IMPACT: • (555) 555-‐1490 and (555) 555-‐4092 were never answered during the month of July despite a combined 18,280 aZempts. • These two numbers always returned either a ring or a busy tone. This indicates a problem on the lines and the number of call aZempts (11,816 on x-‐1490 6,464 on x-‐4092) suggest these are high demand services. • 56% of the calls to 555-‐9999 received a busy tone. The 5,427 calls also indicates this is a high demand service



* For informa.on on Nigeria dialing plans hZp://www.howtocallabroad.com/nigeria **For informa.on on Nigeria dialing rates hZp://www.aZ.com/u-‐verse/explore/interna.onal-‐rates.jsp#

COST SAVINGS IMPACT: • 20 outbound calls for 1,769 minutes to Nigerian cell phones* •  3 different source numbers, 3 different des.na.on numbers •  1,681 minutes came on a single $1,025.41 telephone call. •  This could be an occurrence of Interna.onal revenue share fraud as defined by the Communica.ons Fraud Control Associa.on. hZp://www.cfca.org/

1,769 minutes $0.61/minute** $1,079.09 Start Time -‐ By Second In/Out Internal Number External Number Dura.on (minutes) Type Call Details Des.na.on Country

7/13/2010 11:15 Outbound [1](555)5554155 [234]()8075126083 1,680.65 Voice INTL Nigeria

RECOMMENDATION: • Use ETM Firewall to limit dura.on of Interna.onal calls

•  8 Interna.onal calls had a dura.on over 4 hours for the month. No other call exceeded 8 hours. •  Put a policy in place to either terminate or e-‐mail security, fraud detec.on department, or SecureLogix when an interna.onal call exceeds this limit.

MSSV OPERATIONAL UPDATES

MSSV provides regular project reporting with a focus on analysis over raw data, with a clear linkage to business benefits. We concentrate on key security findings and efficiency/productivity/cost savings opportunities. An executive level format aids rapid decision-making support.

MSSV is your quickest and assured path to complete voice/UC network protection and ROI.

FUNCTIONALITY

VOICE FRAUD— INTERNAL AND

ExTERNAL

VOICE NETWORk SECURITY

RESOURCE UTILIzATION

MSSV provides a portfolio of reports and analysis aimed at delivering important decision making information in a regular and timely manner. The delivery of key findings is organized across six (6) core reporting areas that are the thematic pillars of the service. Each is defined below along with sub-listings of the specific reports and analysis taskings utilized to drive results and value for each service theme.

Reduce financial losses by preventing toll fraud attacks in real-time and detecting and preventing phone-based identity theft and social engineering schemes aimed at stealing customer information:

• Social Engineering

• Long Distance and International Calls

• Firewall and IPS Policy Management

• Unauthorized Toll Calls

• Fax Spam

• Multiple Call Trends

Prevent restricted data network access, misuse and abuse:

• Harassing Callers

• Calls to ISPs


• 911 Policy & Alerts

• Modem Security

• Multiple Call Trends

• Calls to Restricted Numbers

Reduce corporate voice/UC expenses by using resource optimization reports to baseline, right size and plan trunking infrastructure, measure utilization rates for voice/UC resources and services, improve call routing plans, highlight VoIP toll bypass opportunities, and plan the most cost effective VoIP/UC migration build-out:

• Right Size Digital Trunks

• Unused Analog Lines

• Tie Line Study

• Directory Assistance

• Unanswered and busy


• Billing Plans

FEATURE

COMPLIANCE AND DATA-LOSS

PREVENTION

PRODUCTIVITY LOSS

INFRASTRUCTURE HEALTH AND STATUS

Secure the voice/UC network edge from all forms of voice threats including restricted network access, data leakage, customer ID theft, fraud and abuse to help complete the protection of the corporate perimeter and strengthen regulatory security compliance measures

• Modem Registration

• Block Unauthorized Modems

• Regulatory Compliance


• Calls to ISPs

Improve business operations, productivity and training with employee productivity alerts and reports showing call volumes, durations and other details such as lower-than-expected volumes on key resource lines, or traffic patterns for inbound customer calls to aid staffing decisions or efficient call routing

• Excessive Unanswered or Busy

• Calls to Restricted Numbers

• Harassing Callers

• Calls to ISPs


• Business Operations

• Abuse/Misuse/Anomalies

Reduce the effort of your staff to reap the benefits of your ETM System by out-tasking our team of telecommunications professionals to help complete day-to-day voice/UC administration tasks.

• ETM System Administration

• Extension Masking

• Dial Plan

• ETM System Moves, Adds and Changes (MACs)

• Telecom/PBx Alarms

• Directory Management

SecureLogix Corporation 13750 San Pedro Ave.Suite 820San Antonio, Tx 78232

1-800-817-4837securelogix.com

© 2011 SecureLogix Corporation

ETM, TeleWatch Secure, TWSA, We See Your Voice, Unified Communications Policy Manager, SecureLogix, SecureLogix Corporation, as well as the ETM Emblem, SecureLogix Emblem and the SecureLogix Diamond Emblem are trademarks and/or service marks or registered trademarks and/or service marks of SecureLogix Corporation in the U.S.A. and other countries. All other trademarks mentioned herein are believed to be trademarks of their respective owners.

SecureLogix technologies are protected by one or more of the following patents: US 6,226,372 B1, US 6,249,575 B1, US 6,320,948 B1, US 6,687,353 B1, US 6,700,964 B1, US 6,718,024 B1, US 6,735,291 B1, US 6,760,420 B2, US 6,760,421 B2, US 6,879,671 B1, US 7,133,511 B2, US 7,231,027 B2, US 7,440,558 B2, CA 2,354,149, DE 1,415,459 B1, FR 1,415,459 B1, and gB 1,415,459 B1. U.S. Patents Pending.