NX-C6000：VoIP Network Security Solutions
NX-C6000 IDS (Intrusion Detection System) is deployed in IMS (IP Multimedia Subsystem) core network of one of the major telecom operators in Japan in order for them to prevent malicious attackers against serious damages of their core systems or to detect abnormal traffic conditions. NX-C6000 IDS observes in real time what is happening in the live network then detects some attacks or threats on a daily basis. The case study proves that NX-C6000 is really helpful to detect omens of attacks and take safety precautions.
Case: NX-C6000 deployment in the telecom operator network
NX-C6000 IDS monitors in real time the core network of telecom operators
- Detection & Prevention of DoS attacks
- NX-C6000 IDS allows you to detect massive amounts of VoIP messages that exceed the preconfigured level of threshold or growth VoIP messages relative to the past timeframes in normal condition. NX-C6000 IDS also allows you to make an arbitrary shell script to control other systems. For instance, you may change ACL (Access Control List) configuration of the far-end layer 2 or 3 switch in your network edge(most close to the source of attacks) to shut off the attacks from particular IP addresses. This saves your live network so that other users could maintain their communications as if nothing had happened.
- Detection of Hijacked Premium Rate International Call
- NX-C6000 IDS is able to detect calls at premium rate, such as telephone 900 service in the U.S. and pay-per-call like services, stemmed from IP telephony system hijacking or phishing via web. In most cases, the security issue is caused by simple pass codes provisioned to the system and access permission from outside the system, the pay-per-call service provider may send users very large bills. In general, telecom operators and users are not able to know in real time if such fraud calls have happened, however, the fraud calls can be detected by using NX-C6000 IDS's black list or abnormal traffic detection feature so that they can put appropriate security measures in place.
- Auto-Detection of Malfuncional Devices
- NX-C6000 IDS supports well defined specifications of international standard VoIP protocols. This will be used to alert telecom operators when a call, of which the message is inconsistent with the standard, comes into the network. NX-C6000 IDS automatically detects for instance: non-permitted codecs, fraud IP addresses, caller identification errors, lack of mandatory parameters, and illegal headers as arbitrary preconfigured. Telecom operators do not have to consume engineering resources to analyze a bunch of VoIP messages since NX-C6000 automatically detects the failure in real time.