NextGen - Connect to the Next Generation

  1. NextGen
  2. Products
  3. VoIP Security
  4. NX-C6000

Products

Products
PRODUCTS INFORMATION

NX-C6000

NX-C6000 is a "network forensic and IDS" system targeted to SIP (Session Initiation Protocol). Operators can reduce time and effort on analysis of security threats as well as detecting silent network failures. NX-C6000 is the ultimate suite for VoIP service operations and maintenance.

Features

Visualization
  • Search and view call sequence of SIP messages captured via mirror port or TAP device. Search items menu (SIP header value etc.) can be modified.
  • List out and view SIP anomaly messages.
  • Monitor SIP traffic by graph. (Select SIP methods, message request/response, IP address, VLAN IDs etc.)
  • Trigger SNMP alarms by increase/decrease of traffic. (400% increase traffic compared to average of the last 5 weeks etc.)
  • Trigger immediate SNMP alarms on SIP message anomaly. (Inspect by RFC compliant BNF syntax+"user defined" signature matching)
High performance
  • Capture up to (*)12,000 SIP msg./sec (approx. 1,040,000,000 msg./day).
    (Peak performance : (*)33,600 msg./sec when realtime processing is delayed)
  • NX-C6000 application does not limit the maximum number of storable messages.
    Dependable on disk storage (Can store to multiple partitions)

(*) Packet loss during capture depends on H/W performance and OS design.
Productivity improvement
  • Start operations from your configured alarms, not by customer informants.
  • Productivity improvement leads to cost reduction of man power, better response time and customer satisfaction.

Network connectivity

NX-C6000 is applicable to most VoIP networks. Using a mirror port or TAP device insures "no influence" to the VoIP service.

Architecture

The NX-C6000 consists with the following components to provide flexibility for customer requirements. Optional service is available to provide information (from CERT etc.) on current VoIP related security threats and provide additional signature rules to detect illegal SIP messages that targets vulnerabilities of your SIP server.

SIP Message Capture
Capture packets containing SIP messages. Together with our NX-B5000 (SBC), NX-C6000 can analyze traffic on an TCP/TLS network environment.
SIP Message Storage
Store analyzed SIP messages to database. Equipped with congestion control, NX-C6000 will withhold database storage processing depending on it's CPU usage.
SIP Message Search
Search SIP messages via Web based I/F. Search results can be saved separately for long-term investigation.
Statistics & Graph
Create statistics of SIP messages for graph output.
SIP Message Count & Compare
Count SIP messages based on message type (Method/Request/Response etc.) combining with phone numbers or specific user IDs. Compare (increase/decrease) count values (Max/Min/Avg.) with the past.
SIP Message Realtime Analysis
Realtime analysis to detect SIP message anomaly. Analysis inspection is based on RFC compliant(or non) BNF Syntax and "user defined" signature mapping.
SNMP Alarm Notification
Trigger SNMP trap messages from the results of "Increase/Decrease of SIP messages" or by immediate "SIP Message anomaly detection".
External Command, Execution
Execute external commands (e.x. shell or controlling L2SW ACLs, send commands to SIP server) to prevent internal SIP servers from SIP DoS or illegal SIP message attacks.

Hardware and software requirements

Recommended
Runs on standard IA servers
  • OS: Red Hat Enterprise Linux 5.3
  • CPU: Intel Xeon X5550 2.66GHz over
  • Memory: 4GB over
  • HDD: depend on requirement
Please contact us for detailed recommendations based on your environment.

Page Top

Copyright NEXTGEN All Rights reserved.