Real-time Communications – Voice, Messaging, Video or Collaboration

The Communications Cloud

As more and more real-time communications – whether voice, messaging, video or collaboration – move to distributed software and cloud infrastructure, the management and security of real-time services becomes increasingly complex.

Enterprises are moving to a zero-trust security posture, which means that every application must be secured. Real-time communications can no longer be ignored. This is especially true for large enterprise environments in regulated industries where human conversations fall under the compliance umbrella (financial transactions, credit card numbers being provided to contact center agents, healthcare records that include recorded and transcribed evaluations, and so forth). An increasing amount of pressure is being put on IT teams to ensure all data that traverses networks, applications and clouds is monitored and secured.

The fragmentation and complexity of unified communications cannot be an excuse to drive a security posture that is on par with other IP applications running in the enterprise. Now that technology is in place to monitor, for example, email, Dropbox, Slack, Skype and other third-party collaboration networks, it’s not okay to shrug off confidential information leaking out or accidentally being shared by employees or contractors. For real-time communications, we have moved beyond denial of service as the primary threat vector and into the domains of theft of service and use of communications channels for extraction of digital assets.

Analytics and Machine Learning will play a critical role in enabling enterprises to keep up with this ever-increasing surface area of attacks and increasing level of threat sophistication. Harvesting data from the entire real-time communications infrastructure backed by behavioral analytics and machine learning allows for very sophisticated threat detection and mitigation. In a way, networked analytics and policy “homogenizes” your security borders into a unified perimeter compared to independent edge products acting autonomously.

Another advantage of using data and analytics services to monitor and manage real-time communications (RTC) is the ability to control quality even when there are multiple disparate Voice over Internet Protocol (VoIP) systems interworked together with many different protocols, call routing and load balancing approaches.

Whether a user is making an internal call from Skype for Business to an AVAYA hard phone or an outbound call via SIP trunk, understanding, controlling and automating VoIP networks often requires the use of many vendor-specific tools, which may serve a purpose in their own domains, but don’t always “play well with others.”

The challenge of managing RTC sessions has been exponentially amplified with the move to dynamic cloud architectures and the rise of API-based communications services like Twilio, web services like WebRTC and CRM integrations.

What’s a responsible IT Executive to do?

A unified, vendor-agnostic monitoring and security strategy that spans multiple protocols and provides interoperability and interworking is more important today than ever. Without global visibility, operationalizing complex VoIP and Over-the-Top (Internet-based) environments is becoming almost impossible without new tools that provide end-to-end visibility and control.

We Cannot Manage What We Cannot Measure

Events such as SIP registration floods, VoIP pivot attacks and failed load balancing cause disruption of service and keep IT managers awake at night. When an attack or network failure occurs on a voice system it can take days – if not weeks – to track down the issue unless software is in place that monitors all aspects of RTC, particularly as more and more functionality moves to the cloud.

While security may feel like the scariest issue, day-to-day operations can also be improved when enterprises and Service Providers have full visibility into basics like voice quality, IP network performance and service utilization. When one combines an over-arching analytics platform with the existing branch-office infrastructure, Enterprise service network administrators can efficiently determine if a call-quality issue is unique to a type of handset, branch location or gateway.

Global visibility into cloud services for RTC, if done well, goes even further. Given the increasing reliance on services like Microsoft Skype for Business (and now Teams) it is also necessary to monitor database-processing times on backend servers to ensure call processing is going smoothly.

This can be done by monitoring the time between the last packet of a request and the first packet of the corresponding response, associated with the payload for database transactions across backend servers. This generates database latency alerts with signaling metrics useful in more advanced “grooming” of RTC networks and services. Incorporating this type of capability into a big data analytics platform enables an enterprise to monitor service quality and troubleshoot when needed from the client to the cloud from a single platform which increases efficiency and reduces down time.

Aside from service assurance and troubleshooting, enterprises can respectfully mine their user data to deliver a more personalized user experience. Leveraging big data analytics and machine learning to track communications from end-to end in the network – and thus enable a detailed view of threats, quality and user behavior – is already being done to answer questions such as what are people and systems doing? How often are they doing these things? Where are the predictable patterns? How do we immediately identify an “out-of-trend” moment, which could lead to trouble?

Harvesting data around RTC creates meaningful insights that help enterprises measure so they can manage. Using predictive and behavioral analytics helps managers literally see into the future and avoid trouble before it happens.

Predicting intent throughout the network and all the way to end users – solid gold. Predicting sentiment, for example, as part of a contact center application? Priceless. Automating network operations security and applications in multiple clouds, and across clouds? This is the future.

By Kevin Riley

Jen Klostermann
The Fintech Landscape The Nitty Gritty Although the COVID-19 pandemic has highlighted its existence, most of us have been using fintech in some form or another for quite some time. It’s a big part of ...
Metasploit-Penetration-Testing-Software-Pen-Testing-Security
Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn't help with the world in a current state of disarray and uncertainty. Vulnerabilities leave businesses and individuals subject to a wide range ...
Mark Greenlaw
Free Cloud Migrations are Expensive The cloud is becoming the primary place where work gets done. By 2025, Gartner estimates that enterprise spending on public cloud computing will overtake traditional IT hardware. Why? One reason ...
John Peluso
Save Your Organization on Cloud Costs Organizations of all sizes are currently navigating their plans to avoid the recent surge in cyber-attacks and data breaches and preparing for unforeseen setbacks. Building a sensible backup and ...
Gilad David Maayan
What Is Cloud Deployment? Cloud deployment is the process of deploying and managing applications, services, and infrastructure in a cloud computing environment. Cloud deployment provides scalability, reliability and accessibility over the internet, and it allows ...
Sofia Jaramillo
Augmented Reality in Architecture Augmented reality (AR) is a growing field of study and application in the world of architecture. This useful tool can help us visualize architectural designs by superimposing them onto real-world scenes ...
Tosin Vaithilingam
Navigating Economic Uncertainty: Strategies for IT Leaders and MSPs Lately, it seems that each day brings news of more economic uncertainty. Companies that have been navigating the pandemic for the past two and a half ...
Security Breach 10 Useful Cloud Security Tools
Cloud Security Tools Cloud providing vendors need to embed cloud security tools within their infrastructure. They should not emphasize keeping high uptime at the expense of security. Cloud computing has become a business solution for ...
Disaster Recovery Plan.png
Hair Loss.png
Byod.png
Data Bed.png

PLURALSITE

Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization. 

(ISC)²

(ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees.

CYBRARY

CYBRARY Open source Cyber Security learning. The world's largest cyber security community. Cybrary provides free IT training certificates. Courses for beginners, intermediates, and advanced users are available.