Table of Contents |
---|
Introduction
ITIL (Information Technology Infrastructure Library) is a set of practices for IT Service Management that focuses on aligning IT services with the needs of business. The ITIL processes all interwork, providing IT management with an end-to-end view of the technology and services being provided, maximizing uptime and providing a high quality experience for end-users.
VSM is based on delivering seven of the ITIL disciplines:
- Configuration Management
- Capacity Management
- Availability Management
- Change Management
- Release Management
- Continuity Management
- Security Management
Avaya Session Border Controller (ASBC)
SBC is a special-purpose device that protects and regulates IP communications flows. As the name implies, session border controllers are deployed at network borders to control IP communications sessions. Originally conceived to protect and control VoIP networks, SBCs are now used to regulate all forms of real-time communications including VoIP, IP video, text chat and collaboration sessions.
SBCs manipulate IP communications signalling and media streams, providing a variety of functions including:
- Security - SBCs protect against Denial of Service (DoS) and Distributed DoS (DDoS) attacks, safeguard against toll fraud and service theft, and provide media and signalling encryption to ensure confidentiality and protect against impersonation/masquerade
- Multivendor interoperability - SBCs normalize SIP (Session Initiation Protocol) signalling stream headers and messages to mitigate multivendor incompatibilities
- Protocol interworking - SBCs enable interworking between diverse protocols (i.e. SIP-to-H.323) or diverse codecs (i.e. g.711 to g.729 transcoding)
- Quality of Service (QoS) - SBCs enforce call admission control (CAC) policies, type of service (ToS) marking, or rate limiting for service quality assurance
- Session routing - SBCs route sessions across network interfaces to ensure high availability or enable least cost routing (LCR)
Managing SBC in real-world environments
VSM's Security Manager is essential in protecting organizations from cyber attack.
SIP based communication needs counter-measures to prevent hacker intrusion, bandwidth abuse, toll fraud, service hijacking and denial of service attacks.
These threats cannot be mitigated by the session border controller (SBC) alone. Relying solely on the SBC is like having good locks and catches on your doors and windows at home, but having no security system to alert you if these are being tested, or worse still, breached.
...
It gives you a picture of threats in real time. Ensure your platform continues to separate trusted from untrusted networks. If your SBC rules are being tested, be informed and take mitigating actions BEFORE a breach occurs.
Security Reports are available in VSM's Security Manager under Security Manager > Reports.
VSM and ASBC System Health
VSM collects and stores configuration, capacity and availability information relating to the consumption of all essential SBC resources. This data is mined at all levels, from infrastructure through to the SBC application layers. It stores this information for reporting, trending and analytical purposes. VSM specifically targets critical areas in SBC that indicate business-impacting issues.
...
- To enable IT teams to proactively identify potential issues and prevent outages.
- To provide a real time view of overall SM health at a glance without having to rely on end-users reporting problems.
- In the event of a service-impacting incident to significantly reduce Mean Time to Repair (MTTR) and therefore to reduce the impact on business operations by quickly identifying the root cause.
Network Interface
Best practice "secure by design" strategy separates management, trusted and untrusted networks
Services
View the status of the individual application services on the SBC.
Application Status
Shows the application name, if it is running and how long that application has been running for.
- SS
- sems
SIP Protocol
See current volumes for:
- Invites
- 1xx Response
- 2xx Response
- 4/6xx Response – totals here indicate a problem
SIP Calls
View Total Calls broken down by Active Calls, Active SRTP Calls, TCP Registrations, LCP Registrations, TLS Registrations, Call Received and Call Allowed.
Security Violations
VSM tracks the number of SIP Calls that are Blocked, Failed or Denied for a multitude of typical problems:
...