Lead Story of the Month May 25, 2011
Posted by admin in : Redshift Networks , comments closedRedShift Networks, the leader in secure communications and collaboration solutions, announces the availability of RedShift UCTM E-SBC session border control appliance heavily tuned to serve the demanding security and interoperability requirements for enterprise VOIP/UC deployments. ??With the growing SIP Trunk deployments, RedShift UCTM E-SBC appliance provides unparalleled levels of security, control and visibility for today’s demanding Enterprise UC & Collaboration networks – far exceeding security on any other E-SBC available in the planet today.
Redshift Networks is a Finalist for the 2011 Red Herring Top 100 North America Award May 25, 2011
Posted by admin in : Redshift Networks , comments closed
Redshift Networks announced today it has been selected as a Finalist for Red Herring’s Top 100 North America award, a prestigious list honoring the year’s most promising private technology ventures from the North American business region.
The Red Herring editorial team selected the most innovative companies from a pool of hundreds from across North America. The nominees are evaluated on both quantitative and qualitative criteria, such as financial performance, technology innovation, quality of management, execution of strategy, and integration into their respective industries.
This unique assessment of potential is complemented by a review of the actual track record and standing of a company, which allows Red Herring to see past the “buzz” and make the list an valuable instrument for discovering and advocating the greatest business opportunities in the industry.
“This year was very rewarding,” said Alex Vieux, publisher and CEO of Red Herring. “The global economic situation has abated and there are many great companies producing really innovative and amazing products. We had a very difficult time narrowing the pool and selecting the finalists. Redshift Networks shows great promise therefore deserves to be among the Finalists. Now we’re faced with the difficult task of selecting the Top 100 winners of Red Herring North America. We know that the 2011 crop will grow into some amazing companies that are sure to make an impact.”
Finalists for the 2011 edition of the Red Herring 100 North America award are selected based upon their technological innovation, management strength, market size, investor record, customer acquisition, and financial health. During the several months leading up to the announcement, hundreds of companies in the telecommunications, security, Web 2.0, software, hardware, biotech, mobile and other industries completed their submissions to qualify for the award.
The Finalists are invited to present their winning strategies at the Red Herring North America Forum in Hollywood, California, June 13-15, 2011. The Top 100 winners will be announced at a special awards ceremony the evening of June 15 at the event.
VOIP/UC Network Botnet Scanning and Discovery based Attacks on the Rise July 28, 2010
Posted by admin in : Redshift Networks, Security Threats, UC&C , add a commentRich Unified Communications and Collaboration (UC&C) services are now being delivered across any device, any place and at any time. With the rise of new powerful fixed and mobile endpoint technologies such as the IPAD, the Android or IPhone smart phone, customers are now embracing UC/VOIP services at a potential never possible before. As a result, VOIP/UC networks are also becoming more porous as the network perimeter once confined and secured inside the DMZ perimeter is now extended across multiple untrusted domains, geographies, users and endpoints. The traditional definition of security perimeter is now broken.
In this posting, we talk about VOIP/UC network Botnet scanning and discovery based attacks being on the rise. The specific attacks happened in one of the major VOIP provider and this makes it very interesting. The SIP provides OPTIONS methods that allow a User Agent (UA) to query another UA or a proxy server as to its capabilities. This allows a client to discover information about the supported methods, content types, extensions, codecs, etc. without “ringing” the other party. All UAs MUST support the OPTIONS method.
Unfortunately, this also provides base for attackers to probe the network and find out more details on the internal VOIP/UC network topology, endpoints, server IPs, valid usernames or extensions etc. The attacker studies the responses from methods such as SIP OPTIONS, REGISTER or INVITE methods to make some pretty good guesses on valid extensions, usernames or server IPs etc. This often is a precursor to more sophisticated attacks such as Toll Fraud attacks, eavesdropping, message stealing, stealth DOS attacks on specific user extensions, War Dialing and SPAM attacks.
The scary part is that there are lot of publicly available tools that can quickly brute force and automate the generation of such requests and provide a list of valid usernames, extensions, user credentials, server names, IPs etc. Preventing such attacks without employing a sophisticated UC stateful and protection device is very difficult. It is very hard to shield UC/VOIP services that by their very nature need to be exposed to a certain extent.
Attacks are happening on our customers networks July 24, 2010
Posted by admin in : Redshift Networks, UC&C , add a commentWe’ve been working very hard building our business with our products getting installed in different networks across the globe. We have started to see from our current deployments that attacks are happening in the Unified Communications and Collaboration realm. There is already a lot of news in the press and on the web about these attacks. We’re seeing our customers get attacked!!
Unfortunately enterprises and carriers that have Unified Communication & Collaboration solutions and applications can’t detect these attacks; The current generation of security solutions are not adequate enough to provide protection or trace these new security threats. (more…)
Google your Unified Communications & Collaborations (UC&C) Infrastructure May 27, 2010
Posted by admin in : Redshift Networks, Security Threats , add a commentIt’s surprising and often easy to note how widespread and far reaching internet is today. Long time ago, Johnny Long documented on internet how one can use Google searches effectively to search for relevant and confidential information over the internet.
There’s a lot of information around the network around this topic; surprisingly one using very simple scanning and discovery tools can find lot of information about companies that otherwise should never be disclosed. Most often, this is due to poor security controls being placed on information disclosure.
Do you know what information is available on the internet about your UC&C Infrastructure? Do you know if anybody can reconfigure your telephone from internet?
So, I started googling the web in search for specific information about edi UC&C infrastructures using some standard keywords as listed below. The results are very alarming and show that several UC&C internal networks and systems are publicly visible on the internet with very little security controls. Typical results ranged from absolutely no security enforcements being placed to limited security that uses default vendor published passwords that are easy for anyone to guess. (more…)
About this blog May 26, 2010
Posted by admin in : Redshift Networks , add a comment
My name is Amitava Mukherjee and I am the CEO of RedShift Networks. We are a company based in Silicon Valley, California, with offices around the world.
This blog is meant to address the growing concern of security threats and attacks around Unified Communications, Collaboration and video/voice web-based applications. (more…)