Ways to Deploy

 

Traditional TDM Voice Infrastructure

For traditional TDM voice networks, the SecureLogix® ETM® System telecom-grade 99999-relable purpose built TDM appliances sit physically inline on your voice circuits to enforce your enterprise voice security policies in real time. They are built with a failsafe design to ensure traffic on your voice network is not impacted in the event of power failure or an OS or application issue. They can monitor T1, E1, PRI, and SS7 circuits.

The centralized ETM Management Server collects data from the ETM Appliances across your enterprise, maintains system configuration and policy data, stores all call and policy data in a central relational database, and generates reports. Distributed ETM Client Applications are used to define and install voice security and monitoring policies and manage all of the components in the system. 


SIP Voice Infrastructure

For environments with SIP trunking that do not use a Cisco voice-aware ISR/ASR, the SecureLogix® ETM® System Stateless SIP Proxy sits logically inline on the enterprise SIP trunk between the SBC and PBX. All inbound and outbound SIP traffic is proxied through the Stateless SIP Proxy in real time to enable security-policy-based call control and monitoring throughout the enterprise.

The centralized ETM Management Server collects data from the ETM Appliances across your enterprise, maintains system configuration and policy data, stores all call and policy data in a central relational database, and generates reports. Distributed ETM Client Applications are used to define and install voice security and monitoring policies and manage all of the components in the system.

The solution can be deployed on physical hardware or in a virtual environment.


Hybrid TDM and SIP Voice Infrastructure

The SecureLogix® ETM® System telecom-grade 99999-relable purpose built TDM appliances sit physically inline on your TDM voice circuits to enforce your enterprise voice security policies in real time. They are built with a failsafe design to ensure traffic on your voice network is not impacted in the event of power failure or an OS or application issue. They can monitor T1, E1, PRI, and SS7 circuits.

The SecureLogix® ETM® System Stateless SIP Proxy sits logically inline on the enterprise SIP trunk between the SBC and PBX. All inbound and outbound SIP traffic is proxied through the Stateless SIP Proxy in real time to enable security-policy-based call control and monitoring throughout the enterprise. 

The centralized ETM Management Server collects data from the ETM Appliances on any circuit type across your enterprise, maintains system configuration and policy data, stores all call and policy data in a central relational database, and generates reports. Distributed ETM Client Applications are used to define and install voice security and monitoring policies and manage all of the components in the system.

 


SIP Networks with Cisco Voice-Aware ISR/ASR

For environments with SIP trunking or hybrid TDM/SIP networks using a Cisco voice-aware ISR/ASR, the SecureLogix® ETM® Unified Trunking Application (UTA) integrates with the router via an API SecureLogix and Cisco co-developed to provide security-policy- based call control without the need for another device inline on the voice network. UTA need not be collocated with the router, but can reside anywhere on the network, as long as there is low latency between the router and UTA. The router holds the call while it sends important call information to UTA for security policy decisions, and then UTA directs the router how to route the call based on the policy result—allow as dialed, redirect to an alternate destination, or terminate prior to call setup. Policy processing occurs in a matter of milliseconds and adds no latency to the call.

The centralized ETM Management Server collects data from the ETM Appliances across your enterprise, maintains system configuration and policy data, stores all call and policy data in a central relational database, and generates reports. Distributed ETM Client Applications are used to define and install voice security and monitoring policies and manage all of the components in the system.

The solution can be deployed on physical hardware or in a virtual environment.

sip-networks-with-cisco-voice-aware-isr-asr

Large Enterprise SIP Deployments

The SecureLogix® PolicyGuru® Meta-Policy Controller provides security-policy- based call control and monitoring for large enterprise SIP deployments, including centralized SIP, without the need for another device inline on the voice network. While the solution can be deployed on any size of SIP network, it scales for very high-volume environments. 

The PolicyGuru Solution interfaces with certain SBCs that support the ENUM protocol with the Kaplan extension. The solution is not inline, but rather receives the important call data (source, destination, and direction) from the ENUM request and then returns the security policy decision to the SBC—allow as dialed, redirect to an alternate destination, or terminate prior to call setup. 

The solution also offers a Metadata Probe that captures SIP/RTP call information (metadata) throughout the call via a passive tap and supports additional types of policy monitoring and reporting using additional header information and mid-call events beyond the information available via ENUM. It does not provide call control, but rather monitoring.

A centralized Mediation Server manages all of the system components and applications, enforces user-defined call-pattern Policies in real time, and generates alerts for system events and Policy alerts. A centralizedDatabase Server stores ENUM and SIP call data, Policy processing data, and system events in a relational database for analytics and reporting, and also stores system configuration. The solution is remotely managed via a web-based client. 

The solution can be deployed on physical hardware or in a virtual environment.

 
Large-Enterprise-SIP-Deployments

Products