[VoiceOps] Fraud Management

Monterrosa Santiago smonterrosa at mcmtelecom.com.mx
Mon Feb 2 14:09:42 EST 2015 

Hi Shaun

I have evaluated a solution that is good enough flexible for us, it is based 100% on SIP so it generates alerts pretty fast, almost online, and it has proved to catch irregular traffic which resulted in fraud calls so that we can block immediately; this way this system is better than the CDR based in house developed system we do use to detect irregular traffic. Such new solution is called Redshift from Redshift Networks by the way.

Regards 

Santiago
________________________________________
De: VoiceOps [voiceops-bounces at voiceops.org] En nombre de Shaun Gill [Shaun.Gill at is.co.za]
Enviado el: lunes, 02 de febrero de 2015 01:01 a.m.
Para: Glen Gerhard; voiceops at voiceops.org
Asunto: Re: [VoiceOps] Fraud Management

Thank you for the info Glen.

We have done a POC on OCFM  (Oracle Communications Fraud Monitor; the old FDAP - Fraud Detection and Prevention) that relies on OCOM (Oracle Communications Operations Monitor; old Acme Palladion product) to feed into the OCFM server. We could not get the call correlation on OCOM to work properly without extensive changes to our existing infrastructure. The call correlation issues resulted in bad data fed into the fraud monitor and resulted in false positives.

Will have a look at the options below.

Regards,
Shaun

From: Glen Gerhard <ggerhard at sansay.com<mailto:ggerhard at sansay.com>>
Date: Friday 30 January 2015 3:40 PM
To: "voiceops at voiceops.org<mailto:voiceops at voiceops.org>" <voiceops at voiceops.org<mailto:voiceops at voiceops.org>>
Subject: Re: [VoiceOps] Fraud Management

Hi Shaun,

most systems work off CDR files (or Radius or Diameter steams) so are proprietary in what products they support (http://oculeus.com is one such system).  There are some products that are auto-learning based on SIP monitoring so are device independent.  http://tollshield.com is one of them and builds a network profile over several week to understand "normal" traffic patterns.  It can alert on variations of those patterns.  These systems requires monitoring ports whereas the CDR approach does not need SPAN ports.

Also there is a difference between systems that can alert on fraud on ones that can proactively shut off service to suspect devices.  The proactive ones are usually device specific and more expensive and raise the risk of false positives.

Regards,

~Glen

On 1/29/2015 11:19 PM, Shaun Gill wrote:
Hi Brad,

Neither - We are not using a product at this stage; using a combination of routing profiles (BSFT) and originating source IPs to block suspect traffic.

Regards,
Shaun

From: Brad Anouar <brad.anouar at masergy.com<mailto:brad.anouar at masergy.com>>
Date: Friday 30 January 2015 3:07 AM
To: Shaun Gill <shaun.gill at is.co.za<mailto:shaun.gill at is.co.za>>
Cc: Jay Cox <jcox at appiaservices.com<mailto:jcox at appiaservices.com>>, "voiceops at voiceops.org<mailto:voiceops at voiceops.org>" <voiceops at voiceops.org<mailto:voiceops at voiceops.org>>
Subject: Re: [VoiceOps] Fraud Management

Shaun,

Have you used the SIP or CDR based product?

On Thu, Jan 29, 2015 at 3:26 PM, Shaun Gill <Shaun.Gill at is.co.za<mailto:Shaun.Gill at is.co.za>> wrote:
Noted – I will be checking this out Jay.

From: Jay Cox <jcox at appiaservices.com<mailto:jcox at appiaservices.com>>
Date: Wednesday 28 January 2015 3:44 PM
To: Shaun Gill <shaun.gill at is.co.za<mailto:shaun.gill at is.co.za>>, "voiceops at voiceops.org<mailto:voiceops at voiceops.org>" <voiceops at voiceops.org<mailto:voiceops at voiceops.org>>
Subject: RE: [VoiceOps] Fraud Management

Shaun:

I have used the TransNexus solution for a long time.

Jay Cox
Mobile  314 910 7242

From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of Shaun Gill
Sent: Wednesday, January 28, 2015 2:37 AM
To: voiceops at voiceops.org<mailto:voiceops at voiceops.org>
Subject: [VoiceOps] Fraud Management

Hi Guys,

Trying to get a feel for what fraud systems are out there for VoIP service providers; primarily using terrestrial mediums (such as metroE; diginet) with clients interconnecting via IP PBXs, voice gateways and IP phones.
We have had fraud to international premium destinations which we are restricting based on calling profiles and originating source IPs; but neither is truly scalable.
Subsequently we are looking for alternatives.

Regards,
Shaun



_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org<mailto:VoiceOps at voiceops.org>
https://puck.nether.net/mailman/listinfo/voiceops




--

Brad Anouar
Director of Systems Engineering
Email brad.anouar at masergy.com<mailto:brad.anouar at masergy.com>
Office +1 310 360 2028

[http://www.masergy.com/sites/default/files/Hdr_Masegy_Logo.jpg]
www.m<http://www.masergy.com/>asergy.com<http://www.masergy.com/>



_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org<mailto:VoiceOps at voiceops.org>https://puck.nether.net/mailman/listinfo/voiceops



AVISO DE CONFIDENCIALIDAD: Este correo electrónico y sus archivos anexos, si los tiene, están destinados sólo para la persona o entidad a la que va dirigida y contiene información confidencial. Se prohíbe cualquier uso, impresión, divulgación o distribución de dicha información sin la autorización por escrito del remitente. Si usted no es el destinatario, por favor póngase en contacto con el remitente y destruya todas las copias del mensaje original.

CONFIDENTIALITY NOTICE: This email message and its attachments, if any, are intended only for the person or entity to which it is addressed and contains privileged information. Any use, printing, disclosure, or distribution of such information without the written authorization of the sender is prohibited. If you are not the intended recipient, please contact the sender and destroy all copies of the original message.

Nuestro aviso de privacidad está publicado en la página Web: http://www.mcmtelecom.com.mx/common/politica_privacidad.htm

More information about the VoiceOps mailing list