Enterasys Networks this week unveiled a security system for enterprise VOIP networks.
Called Enterasys Secure Open Convergence, the system comprises Enterasys security software applications and the company's switching, routing and wireless infrastructure products. It is designed to detect and respond to security threats against the IP telephony infrastructure, enforce network access-control policies, and comply with regulations such as CALEA and E911, Enterasys says.
The Enterasys NAC and Dragon security software detects unauthorized use of VOIP systems, prevents service disruption and eavesdropping, and monitors voice networks for new threats. The Dragon Intrusion Detection/Prevention System offers signature and protocol behavioral analysis for H.323 and SIP protocols.
The Enterasys NAC software assesses, authenticates and authorizes VOIP users and telephony devices before allowing them onto the network, and enforces role-based policies after they are connected, Enterasys says.
E911 compliance is enabled through location services in Enterasys NAC that identify the user and physical location when an emergency call is placed. Compliance with the Communications Assistance for Law Enforcement Act (CALEA) allows individual voice conversations or calls to/from a specific user to be redirected from an Enterasys Matrix switch for subsequent recording and analysis, Enterasys says.
The company's switches, routers and wireless connectivity devices also have embedded policy-based security features on every interface, the company says. The company's Matrix switches are able to separately secure and prioritize a phone, camera, printer and computer connected to a single network port and provide flow-based visibility over individual voice, video and data conversations, Enterasys claims.
Policy is controlled through Enterasys' NetSight suite of management applications. Policies are based on user and application rather than port or VLAN access control lists, Enterasys says.