Monitor VoIP Data not People
Zero-Trust VoIP Security Monitor
Privacy and VoIP Monitoring Dilemma
To analyse VoIP traffic, a VoIP monitoring collects all traffic, not only suspicious traffic. This provides the administrator with deep insight into suspicious traffic but also into logs describing the usage behaviour of all users. Legal and work regulations consider such a capability as an intrusion to the privacy of the employees and prohibit this kind of data collection and analysis.
The Zero-Trust VoIP Security Monitor solves this dilemma by encrypting the data during the collection process. All analysis and processing steps done by the Monitor are done on the basis of encrypted data. The results of the analysis and processing are displayed in an anonymised manner.
at Your Network
The Zero Trust VoIP Security Monitor provides the VoIP service operator with a detailed overview of the VoIP infrastructure's performance and alerts them to failures. The monitor collects data in near real-time from the ABC Session Border Controller (SBC) or a special probe. In this way, the Zero Trust VoIP Security Monitor can even detect VoIP traffic that is encrypted or hidden by topology obfuscation.
Our Home Dashboard provides an overview of all parallel calls and registrations, as well as a comparison with the previous day's data.
All data collected and processed by Zero Trust VoIP Security Monitor is encrypted before being analyzed. If required by law, work regulations or technical necessity, the Zero Trust VoIP Security Monitor administrator can still access the encrypted data by applying a decryption key. This allows the system administrator to view the collected data in plain text and gain access to the actual phone traffic instead of the encoded one. When the data is accessed, a long-term log automatically records when it was accessed and by whom.
Our charts also focus on topology and visualizes statistics for calls between Call Agents. This helps discover situations such as a destination Call Agent often failing to complete calls, or SIP compatibility issues on a link from one node to another.
The directed cyclic relationship graph shows the flow between call agents. The stronger the lines, the more traffic the events represent on this route.
The network statistics dashboard shows the amount of traffic processed by all of the managed SBCs, both at high-level (number of calls and registrations) and low-level (number of bytes and packets). It also shows statistics of automated blacklisting.
Statistics & Filters
Toplists show most active users by various metrics: call attempts, call minutes, number of short calls, etc. To add more information about traffic, we also have average call failure ratio, average seizure ratio (ASR), average call duration (ACD) and more.
There are data filters, type filters, time filter, and full-text filters. Data filters are used to filter out all events with the same data field values. They can be created from many elements shown in the dashboards. Every data filter can be deleted, deactivated, and importantly pinned. Type filter checkboxes are shown in the top-bar and allow to easily restrict events by their respective types. Time filter sets the window of inspect time either absolutely, or relatively to current time. The full-text filter looks for a pattern in multiple fields of the available events.
Automatic alarms help secure your system. Every alarm will generate the exceeded limit event type. Also, it can send warning e-mails to users.
Too frequent calls
Too short calls
Too frequent auth failure
Too many IPs hidden behind an URI
Too many URIs behind an IP
Poor failure ratio
Qos & Reports
QoS reports are included in the call-stop events in JSON format. The reports include two parts, one for the media streams from and to the caller, and another one for the streams from and to the called party. Low QoS lebels are highlights.
The Home dashboard shows the most important data in a single comprehensible page. This page can also be sent to administrator by email on a daily basis to report on the previous 24 hours. It gives an overview of how “healthy” the network is.
The system additionally generates weekly reports to show trends. Graphs in reports show the values over the past seven days and compare head-to-head current and previous weekly averages.
System & Realm Statistics
The Dashboard System shows how SBCs are doing in terms of memory and CPU. This specifically useful to identify overload situations.
Realms Stats are a subset of network statics, broken down by realms.
ABC Monitor vs. Zero-Trust VoIP Security Monitor
Zero-Trust VoIP Security Monitor
Data Source: Probe
Date Source: ABC SBC