Hi Shaun I have evaluated a solution that is good enough flexible for us, it is based 100% on SIP so it generates alerts pretty fast, almost online, and it has proved to catch irregular traffic which resulted in fraud calls so that we can block immediately; this way this system is better than the CDR based in house developed system we do use to detect irregular traffic. Such new solution is called Redshift from Redshift Networks by the way.
Regards Santiago ________________________________________ De: VoiceOps [voiceops-boun...@voiceops.org] En nombre de Shaun Gill [shaun.g...@is.co.za] Enviado el: lunes, 02 de febrero de 2015 01:01 a.m. Para: Glen Gerhard; voiceops@voiceops.org Asunto: Re: [VoiceOps] Fraud Management Thank you for the info Glen. We have done a POC on OCFM (Oracle Communications Fraud Monitor; the old FDAP - Fraud Detection and Prevention) that relies on OCOM (Oracle Communications Operations Monitor; old Acme Palladion product) to feed into the OCFM server. We could not get the call correlation on OCOM to work properly without extensive changes to our existing infrastructure. The call correlation issues resulted in bad data fed into the fraud monitor and resulted in false positives. Will have a look at the options below. Regards, Shaun From: Glen Gerhard <ggerh...@sansay.com<mailto:ggerh...@sansay.com>> Date: Friday 30 January 2015 3:40 PM To: "voiceops@voiceops.org<mailto:voiceops@voiceops.org>" <voiceops@voiceops.org<mailto:voiceops@voiceops.org>> Subject: Re: [VoiceOps] Fraud Management Hi Shaun, most systems work off CDR files (or Radius or Diameter steams) so are proprietary in what products they support (http://oculeus.com is one such system). There are some products that are auto-learning based on SIP monitoring so are device independent. http://tollshield.com is one of them and builds a network profile over several week to understand "normal" traffic patterns. It can alert on variations of those patterns. These systems requires monitoring ports whereas the CDR approach does not need SPAN ports. Also there is a difference between systems that can alert on fraud on ones that can proactively shut off service to suspect devices. The proactive ones are usually device specific and more expensive and raise the risk of false positives. Regards, ~Glen On 1/29/2015 11:19 PM, Shaun Gill wrote: Hi Brad, Neither - We are not using a product at this stage; using a combination of routing profiles (BSFT) and originating source IPs to block suspect traffic. Regards, Shaun From: Brad Anouar <brad.ano...@masergy.com<mailto:brad.ano...@masergy.com>> Date: Friday 30 January 2015 3:07 AM To: Shaun Gill <shaun.g...@is.co.za<mailto:shaun.g...@is.co.za>> Cc: Jay Cox <j...@appiaservices.com<mailto:j...@appiaservices.com>>, "voiceops@voiceops.org<mailto:voiceops@voiceops.org>" <voiceops@voiceops.org<mailto:voiceops@voiceops.org>> Subject: Re: [VoiceOps] Fraud Management Shaun, Have you used the SIP or CDR based product? On Thu, Jan 29, 2015 at 3:26 PM, Shaun Gill <shaun.g...@is.co.za<mailto:shaun.g...@is.co.za>> wrote: Noted – I will be checking this out Jay. From: Jay Cox <j...@appiaservices.com<mailto:j...@appiaservices.com>> Date: Wednesday 28 January 2015 3:44 PM To: Shaun Gill <shaun.g...@is.co.za<mailto:shaun.g...@is.co.za>>, "voiceops@voiceops.org<mailto:voiceops@voiceops.org>" <voiceops@voiceops.org<mailto:voiceops@voiceops.org>> Subject: RE: [VoiceOps] Fraud Management Shaun: I have used the TransNexus solution for a long time. Jay Cox Mobile 314 910 7242 From: VoiceOps [mailto:voiceops-boun...@voiceops.org] On Behalf Of Shaun Gill Sent: Wednesday, January 28, 2015 2:37 AM To: voiceops@voiceops.org<mailto:voiceops@voiceops.org> Subject: [VoiceOps] Fraud Management Hi Guys, Trying to get a feel for what fraud systems are out there for VoIP service providers; primarily using terrestrial mediums (such as metroE; diginet) with clients interconnecting via IP PBXs, voice gateways and IP phones. We have had fraud to international premium destinations which we are restricting based on calling profiles and originating source IPs; but neither is truly scalable. Subsequently we are looking for alternatives. Regards, Shaun _______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org<mailto:VoiceOps@voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops -- Brad Anouar Director of Systems Engineering Email brad.ano...@masergy.com<mailto:brad.ano...@masergy.com> Office +1 310 360 2028 [http://www.masergy.com/sites/default/files/Hdr_Masegy_Logo.jpg] www.m<http://www.masergy.com/>asergy.com<http://www.masergy.com/> _______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org<mailto:VoiceOps@voiceops.org>https://puck.nether.net/mailman/listinfo/voiceops AVISO DE CONFIDENCIALIDAD: Este correo electrónico y sus archivos anexos, si los tiene, están destinados sólo para la persona o entidad a la que va dirigida y contiene información confidencial. Se prohíbe cualquier uso, impresión, divulgación o distribución de dicha información sin la autorización por escrito del remitente. Si usted no es el destinatario, por favor póngase en contacto con el remitente y destruya todas las copias del mensaje original. CONFIDENTIALITY NOTICE: This email message and its attachments, if any, are intended only for the person or entity to which it is addressed and contains privileged information. Any use, printing, disclosure, or distribution of such information without the written authorization of the sender is prohibited. If you are not the intended recipient, please contact the sender and destroy all copies of the original message. Nuestro aviso de privacidad está publicado en la página Web: http://www.mcmtelecom.com.mx/common/politica_privacidad.htm _______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
