UC-Sec Appliances
VoIP and Unified Communications Security Features
The award-winning line of UC-Sec security appliances offers a range of features for securely enabling unified communications. Specific features and performance parameters outlined below will vary depending on implementation requirements and models best suited to your environment.
Deployment
|
IP PBX & VLANs |
Mobile Workspaces |
-
Configuration proxy and management
-
Phone services proxy
-
Selective media anchoring
|
-
Phone registration refresh and remote NAT traversal
-
Configuration proxy for remote phone management
-
Remote phone services proxy
-
DSCP (DiffServ) QoS markings and RTCP
-
QoS reporting
-
Geographic distributed cluster proxy
-
Voice and video remote NAT traversal
|
|
SIP Trunks |
I/CLEC Networks |
-
SIP routing
-
SIP B2B interworking functions
-
SIP numbering plan manipulation
-
DSCP (DiffServ) QoS markings and RTCP QoS reporting
-
Signaling control requests, response manipulation
|
-
Media anchoring
-
Media silence detection
-
Media forwarding
-
Billing
|
Unified Communications Security
|
Threat Protection |
Policy Enforcement |
-
Block reconnaissance
-
Block DoS floods
-
Block DDoS floods
-
Block stealth DoS
-
Block fuzzing/malformed messages
-
Block spoofing, masquerading, toll fraud
-
Rogue media blocking
-
Block and verify anomalous behavior
|
-
Domain and user level blacklist
-
Network, User, Device, ToD-based policy control
-
Application control
-
Signaling control (SIP only)
-
Media control
-
Security rules and profiles
-
Soft key control
-
Device security profiles
-
Web application control
|
|
Access Control |
Privacy |
-
SSL/TLS X.509 certificate-based mutual authentication
-
Clientless 2-factor (RSA SecurID) authentication
-
Local firewall/NAT traversal
-
Secure Channel NAT traversal
-
SIP digest authentication
-
RADIUS AAA integration
-
Call admission control
|
-
Encryption (TLS to TCP) signaling proxy
-
Encryption (SRTP or ERTP to RTP) media proxy
-
Topology hiding (network privacy)
-
User caller ID privacy (user privacy)
|
Platform and Management
|
VIPER Engine |
Real-time Platform |
-
VoIP security signatures
-
Signature update service
-
Security policy templates
-
Device fingerprints learning
-
Real-time caller verification
-
Protocol stack verification
-
Media compliance to signaling
-
Behavior Learning
-
Protocol scrubber
|
-
High availability with sub-second failover
-
Multi-core network services processor with on-core crypto accelerators
-
Deterministic < 50 microsecond latency for encrypted media (SRTP)
|
|
Centralized Management |
Capacities |
-
Policy configuration: Web interface (HTTP, HTTPS) and CLI (SSH, serial cable)
-
SNMP
-
Syslog
-
Internal log to hard disk drive
-
Comprehensive FCAPS
-
Logging to PCAP file
|
-
UC-Sec is available in granular capacity levels to match customer needs, ranging from <200 user models to >100,000 user models. Please contact your local sales representative or distributor to determine which capacity is correct for your needs.
|
UC-Sec Spec Sheet