Call escalation for security alert

I would like to know if your system can support the following scenario,

We have several customers that would like to be notified if we identify an attack on their network,
Each customer has his own escalation path (few escalation points, in case the previous didn’t answer).

The scenario:
1. We identify an attack on a customer
2. Our monitoring system generates an alert, sent to Voicent (using API?)
3. A call is being make to the 1st person on the escalation path, who needs to acknowledge the call
4. 2nd attempt after 2 minutes if no acknowledge received
5. A call to the 2nd person on the escalation path, if no acknowledge received (And so forth)
6. Incident closed after acknowledge is received or we exhausted all escalation path

Yes, it can be implemented easily through our API.

In step 2, when you send a call request to Voicent using the API, you will get a request ID back. In 2 minute, you can check the call status using the request ID. If it is confirmed (for example, someone pressed 1 to confirm), you can close the incident. If not, you can send another call request for the next person to be notified.

You can also design your call message using a dynamically generated message using text-to-speech, or a fixed on using pre-recorded audio file. In addition, you can design confirmation code.

The Voicent system should take care of the rest.

Posted in General |

Stop Sipvicious Attack

SIPVicious is a program that has been used in increasing reconnaissance attacks against IP and VoIP phones and PBX systems. It was originally used as an auditing tool for scanning phone systems by performing INVITE scans silently. But attackers use this it to determine weak passwords to connect to a phone host on the PBX telephony network in order to get free calling from your system.

For Voicent system, this attack will not succeed since our inbound system is designed differently for the authentication process. So there is no worry for someone hack into your system and make free phone calls. However, the attach does pose a problem for channel congestion. Every time these incoming calls are examined by the system, the SIP channel is not available for other incoming or outgoing calls.

If you use release 10.5.4 or later, you can set up the Authorized IP addresses for your SIP service such that all incoming message not from your service provider is quickly discarded. To set it up, select Setup > Options > SIP Tab, choose your SIP account, click Edit, then click the Advanced… button. In the box below, enter the authorized IP addresses in the box labeled:
Authorized IP addresses For incoming Sip message. It takes a comma separated list, with each item as a complete IP address or its prefix.

If you have an earlier version, you will have to block these attacks using your firewall program. This is outside the scope of Voicent program. The best way is contact your firewall program provider or local IT service to help you set it up.

If you use Skype connect service, the authorized IP addresses are listed in your SIP profile. For other services, please contact them to get a list of authorized IP addresses.

Posted in General |

Release 10.5.1: More campaign control in workflow

More campaign related features are added to the workflow in release 10.5.1.

Campaign Events

You can trigger workflow using the following campaign event: Campaign Start, Campaign Stopped, Campaign Finished.

Campaign Actions

You can use the following campaign actions: Add customer to campaign, Resume campaign, Stop Campaign, Rerun campaign, Delete Campaign

The following example shows how flexible the workflow engine can be with these newly added features. Let’s create a campaign that always restart itself. To do so, simply create a trigger that will start whenever a specific campaign is finished.

If you want to continue if the rerun campaign is finished, you should setup another trigger on the rerun campaign, and when it is finished, delete the rerun campaign, and then rerun the original campaign.

In effect, the two defined triggers will keep the campaign running forever. Basically, when the original campaign is run and finished, the first trigger will rerun the campaign. Notice the rerun campaign will be named differently. So when the rerun campaign is finished, the second trigger will be started. It then delete the rerun campaign, and then starts the original campaign.

Posted in Developer, Product Usage |