NETWORK ANALYSIS, ARCHITECTURE AND

DESIGNING

Course No: EETS 8331

Prof: Klyne Smith

Level 3- Service Control Point

Final Project-Team D

Name SMU ID Shreyas Parmar 47214314 Udhav Pawar 47149366 Rohit Shriyan 47200352 Harsh Shah 47185935 Shail Shah 39714380

CONTENTS

1. Executive Summary

2. Frame Work

3. Customer Business Requirement

4. User Requirement

5. System Requirement

6. System Concept Diagram

7. Requirement Traceability Matrix

8. Test Cases

9. Risk Analysis and Mitigation

1.Executive Summary Thank you for allowing us (Project Team D) the opportunity to present our response to Service Control Point for Level 3 Core Network’s RFP and to demonstrate our commitment

in assisting Level 3 Communications with this strategically important compliance project. It is understood that Level 3 Communications is a reputed American Multinational Telecommunications & Internet Service provider company, which is currently working to provide Core transport, IP, Voice, Video & Content delivery for Internet carriers around the world. Level 3 is also the largest Competitive Local Exchange Carrier (CLEC) & the 3rd largest provider of Fibre Optic Internet access in the United States. Level 3 Communications currently delivers Netflix & Apple Inc. music & video content over the Internet. The Objective of this proposal is to showcase our understanding of your requirements & how we will offer the solution efficiently & cost effectively. We have attempted to integrate the information we have received from Level 3 Communications & we are committed to Level 3 Communication’s overall goals to provide a Service Control Point (SCP) function. We

understand that Service Control Point function should be able to integrate the services currently provided by the Consolidated SCP. Also the C-SCP will be able to allow Level 3 to make changes to the current services and also the new services that will be created in future. We do plan to incorporate C-SCP with all the equipment that are necessary for supporting Service creation, Service management, Service control, & media management. Along with the above services, C-SCP will communicate directly via Session Initiation Protocol (SIP) using the existing Level 3 Core routing engine & media gateways, also other Application Servers, Class 4 Soft switches, Media Servers & SIP enabled data devices in the Level 3 Core Voice network. The Solution will also provide self-service functionality to the customers.

We appreciate the opportunity to provide this response where we have built our project approach, work plan, cost estimates based upon the identified project needs and within the timeline and manner requested.

2. Frame Work

3. Customer Business Requirement

Implementing existing services.

Capable modifying the Services it manages or create new services and functionality

through Service Creation.

Capable of creating new services of modifying existing services or create new

services without the need to consult the Vendor.

Provisioning Portal to enable self-service functionality.

Number Translation

Information Delivery

Screening

Caller Interaction

Mid-Call Interaction

4. User Requirement

User Requirement Number

User Requirement Description

UR-1 All equipment vendors shall provide Airflow documentation of test results in a densely populated environment showing the heat dissipation cooling characteristic of the chassis.

The system chassis shall be accessible via a local RS232 craft to be used by terminal, PC, or telemetry equipment.

It is desirable that access ports for this type of access be available on both the front and back of the chassis.

UR-2 All line interface cards shall have LED indicators to indicate when the line card has experienced a failure.

All cards shall have LED indicators to indicate when the card software is loading or initializing.

C-SCP components shall have LED indicators on the front panel, one for each alarm type (critical, major , minor and warning. ) The LED indicators will show when there any of the above alarm types active (standing) in the system.

In the event of a failure of one IP interface, the C-SCP should continue functioning.

C-SCP shall support a local memory backup capability that protects provisioned parameters and management information in case of system failure.

This local memory backup shall be non-volatile. C-SCP shall require that all management parameters and

operation is immediately restorable upon failure. C-SCP shall support the ability to recover from the loss

of a single network interface card with no loss of performance.

C-SCP shall immediately alarm when an IP port virtual port or physical interface) has gone out of service.

C-SCP shall maintain and monitor the performance of all internal bus facilities within each platform.

UR-3 Component hot swap-ability. UR-4 The management IP interfaces shall support both ping

and traceroute functionality. C-SCP shall support at least two Ethernet ports for

management access. UR-5 C-SCP shall provide a means to query the device for all

the installed hardware, including chassis, fans disks, cards, etc.

UR-6 The change in operational state of the system, card, or

interface will trigger an SNMP trap, detailing the reason. UR-7 C-SCP will provide this information on a call-by-call

basis in the call-logging section. UR-8 C-SCP will be able to report statistics in the following

formats: traffic and rates per time (bps, Kbps, Mbps, tps cps, etc.), throughput (packets per second, Kpps and Mpps), CPU utilization (percentage), memory and buffer utilization.

C-SCP must generate a warning alarm when CPU/DSP reaches 50% usage.

C-SCP must generate a warning alarm when CPU/DSP reaches 80% usage.

C-SCP must generate a warning alarm when CPU/DSP reaches 90% usage.

UR-9 C-SCP must support configurable threshold levels for disk capacity alarms for minor, major and critical levels.

UR-10 Vendor should describe the SIP/RTP capture

functionality necessary for monitoring and troubleshooting purposes.

UR-11 C-SCP shall have at least two IP interface cards that share the network.

Power supplies shall be redundant C-SCP must have DC power supplies for all HW

components. UR-12 C-SCP must have a failover reliability of 99% or better.

C-SCP must completely failover within 2 seconds. C-SCP must be able to completely failover within the

time specified during peak busy hour.

UR-13

C-SCP shall support remotely downloading software upgrades and patches.

C-SCP shall be capable of performing software updates and configuration changes without dropping established calls and continue to process new call requests.

C-SCP must provide live software updates on all components while continuing to process calls without any degradation in performance.

UR-14 C-SCP must be able to process at least 5000 call transactions/attempts per second at sustained rate for at least 3 concurrent hours when operating in simplex mode.

C-SCP shall support 200,000 simultaneous calls in stateful proxy mode.

C-SCP shall support 10,000 simultaneous caller interaction calls.

UR-15 C-SCP must be able to send and receive SIP-URIs in globalized E.164 format for Globally Unique TN (excepting 911 in the Request-URI and To Header).

Example sip:+14155551212@192.168.1.1 C-SCP should be able to send and receive SIP-URIs in

non-E.164 formats for non- Unique TN, such as DNIS .

UR-16 Multiple Access Levels per Login access through TACACs or RADIUS.

Logging/debugging will be available via console and terminals.

UR-17 Testing of the IP interface media using time domain

reflectometry or loopback tests. It should support the ability for a managing system to

send an IP ping and traceroute to or from a destination C-SCP to test network connectivity.

UR-18 C-SCP shall have the capability to store basic

configuration information for each virtual session (virtual IP address and port pair) it can support.

UR-19 C-SCP shall have the capability to store basic configuration information for each virtual session (virtual IP address and port pair) it can support.

It must have a CLI for accessing configuration files. The configuration files must be in ASCII text and display

in the exact same manner which they are inputted into the system (i.e., one must be able to copy a display of the configuration and paste it into a C-SCP).

C-SCP will have non-volatile storage onboard (either removable or internal) with enough capacity to store multiple software images and configurations.

It must support TFTP for receiving all software images and configurations.

5. System Requirement

Requirement Number

System Requirement Description

SR-1 Design Requirement

➢ C-SCP cooling airflow should flow from front bottom to back top.

➢ The individual chassis height shall not exceed 75 inches, including any space required

➢ In the event that multiple chassis are installed in one rack, the combined height shall also not exceed 75 inches.

➢ Cable connections to system interface cards shall be on the back of the cards.

➢ C-SCP components shall have Electrostatic Discharge (ESD) jacks on the front and back.

SR-2 Power requirement

➢ The power supplies rating should be -48 VDC; however, they should have an operating range of -40

➢ The DC power supplies rating may be 380VDC

➢ C-SCP shall support an option for AC power supplies for all HW components

➢ The SC power supply rating shall be 220VAC

➢ C-SCP should not consume more than 500 watts per Rack Unit when fully loaded.

➢ C-SCP should not consume more than 18.8 amps per Rack Unit when fully loaded.

➢ C-SCP should have power switches or breakers on the DC power supplies.

➢ Switchover of power supply modules shall not cause disruption of service.

SR-3 Monitoring and Reporting

➢ C-SCP shall maintain and monitor call processing

➢ C-SCP shall use a unique call identifier to identify any call attempt.

➢ C-SCP shall respond to queries from

Element Management System (EMS) on the availability of its interfaces.

➢ C-SCP must provide viewing/report capability accessible to users.

➢ C-SCP shall support generation of reports.

➢ C-SCP reports supported reports should include:

○ Configuration Data ○ Provisioning Data ○ User/Security Data ○ System Health Statistics ○ System Performance Statistics ○ Call Statistics ○ Call Detail Records

SR-4 Service supportability

➢ C-SCP must support the Information

Delivery Service

SR-5 Performance, Capacity and Storage ➢ C-SCP must monitor disk capacity on all components.

➢ C-SCP must provide enough local storage of CDR data for 7 days of calls at an average call rate of 400 calls per second with 3-minute call hold times.

➢ C-SCP shall have enough local storage capability for storing 7 days of CDRs at a peak rate of 1000 cps at an average call hold time of 3-minutes for a 3 hour peak.

SR-6 Hot swappable requirement

➢ The cooling fan modules shall be "hot swappable

➢ All system cards shall be hot swappable, i.e. it must be possible to replace a card without taking the C-SCP out of service and without affecting service.

➢ IP interface cards shall be hot swappable.

➢ Power supplies shall be hot swappable. ➢ Disk drives, if any, shall be hot

swappable and RAID-capable.

SR-7 PBX requirement 1. Number translation

➢ The Number Translation Service shall support Time Dependent Routing.

➢ The Number Translation Service shall support Percent Allocation Routing.

2.Mid Call Interaction: ➢ C-SCP must support the Mid-Call

Interaction Service ➢ Mid-Call Interaction Service shall

support Call Transfer using RFC 5589. ➢ Call Transfer feature shall support blind

call transfer capability to an entity. ➢ Call Transfer feature shall support

consultation call transfer capability to an entity.

➢ Call Transfer feature shall support attended call transfer capability to an entity.

➢ 3.Screening ➢ C-SCP must support the Screening

Service Screening Service shall allow restrictions

➢ upon calls using: Whitelist, Blacklist,Maximum Current Calls, or Block.

➢ Screening Service shall make available any element from the originating party for screening.

➢ Whitelist Screening shall allow call termination for calls that match elements within the screening list.

➢ Whitelist Screening shall block all calls that do not match any elements within the list.

➢ Blocked calls from Whitelist Screening shall either receive Treatment or an Announcement before disconnecting.

➢ Possible Whitelist screening elements shall include but not limited to Calling Party (full or partial), Calling Party Category Originating Line Information.

➢ Blacklist Screening shall block call termination for calls that match elements within the list.

➢ Blocked calls from Blacklist Screening shall either receive Treatment or an Announcement before disconnecting.

➢ Possible Blacklist screening elements shall include but not limited to Calling

Party (full or partial), Calling Party Category, or Originating Line Information.

4. Call Interaction Service: ➢ Vendor should describe signaling used

between C-SCP and media resource function in support of the Caller Interaction Service.

➢ C-SCP must support the playing of tones and announcements.

➢ Tones must include DTMF and MF tones.

➢ Caller Interaction Service shall support customized announcements for a subscriber or group of subscribers.

➢ Caller Interaction Service shall support prompting and collection of DTMF digits

➢ from the originating party. ➢ Caller Interaction Service should

support prompting and collection of information through speech recognition.

➢ Information collected by Speech Recognition should include numbers, letters, words or phrases.

➢ Caller Interaction Service should support English, Spanish and Portuguese languages.

➢ Caller Interaction Service shall support menu routing.

➢ Information collected through Menu Routing shall result in an announcement, a termination route or index to another service.

➢ The Menu value collected by the Caller Interaction Service shall be recorded in a call detail record.

➢ Caller Interaction Service shall support Account Code Screening.

➢ Account Code Screening shall play an announcement and collects digits from the originating party to allow or block the call from proceeding.

➢ The Account Code value collected by the Caller Interaction Service shall be recorded in a call detail record.

➢ The collection of the Account Code value from the Caller Interaction Service shall be either mandatory or

optional. ➢ The validation of the collected Account

Code value from the Caller Interaction Service shall be mandatory or optional.

➢ C-SCP should support a configurable inter-digit timer for the collection of DTMF digits.

➢ C-SCP should support the collection of up to 12 DTMF digits per account code.

➢ C-SCP should support configurable attempts for the collection of Account Codes.

➢ Calls that are blocked by the Account Code Screening feature receive treatment or an announcement before being disconnected.

➢ Caller Interaction Service shall support Authorization Code Screening.

➢ Authorization Code Screening shall play an announcement and collects digits from the originating party to allow or block the call from proceeding.

➢ The validation of the collected Authorization Code is mandatory.

➢ The Authorization Code value collected by the Caller Interaction Service shall be recorded in a call detail record.

➢ C-SCP should support configurable attempts for the collection of Authorization Codes.

➢ Calls that are blocked the Authorization Code Screening feature receive treatment or an announcement before being disconnected.

➢ C-SCP should support a configurable inter-digit timer for the collection of DTMF digits.

➢ C-SCP should support the collection of up to 12 DTMF digits per authorization code.

➢ Caller Interaction Service shall support PIN Routing.

➢ Pin Routing shall play an announcement and collect PIN digits.

➢ The collected PIN digits shall be used to determine the terminating destination for the call.

➢ The collected PIN digits that do not result in a valid destination shall receive

treatment or an announcement before being disconnected.

➢ 5. DNIS ➢ The Information Delivery Service shall

include DNIS, Calling Party Information override, and Calling Name Delivery.

➢ Information Delivery Service shall support Dialed Number Information Service (DNIS).

➢ DNIS values shall support 2-15 digit lengths.

➢ DNIS number format shall include E.164 formats.

➢ The Original Dialed Number should be maintained in the TO or Diversion header.

6.Billing Requirement: ➢ C-SCP CDRs must contain all

necessary attributes of the query in order to bill:

○ Calling Party ○ Called Party ○ Charge Party ○ Originating GW ○ Originating trunkgroup ○ Destination GW ○ Destination trunkgroup ○ Route Choice selected

(completed calls only) ○ Call Initiation Time ○ Call Ringing Time ○ Call Answer Time ○ Call Termination Time ○ Release Cause Code

➢ Vendor should describe their CDR format and contents

SR-8 Failover scenario and System Backup

➢ C-SCP shall support the ability to accept the request for a hard shutdown of the entire C-SCP (i.e., take it immediately out of service).

➢ C-SCP shall support the ability to accept the request for a graceful or hard shutdown of interfaces or ports.

SR-9 Codec and Security ➢ C-SCP must provide support for idle

session timeouts. ➢ All considered C-SCP will have their

platform subjected to Security Lab testing which will consist of an array of Denial of service attacks, including:

○ Ping, and TCP traffic floods ○ SYN attacks ○ Malformed UDP, TCP and

ICMP traffic ➢ C-SCP must support the ability to

modify the following IP stack variables: ○ TCP keepalive interval ○ TCP re-transmit interval ○ MinTCP re-transmit interval ○ MaxTCP close wait interval ○ TCP/IP abort interval

➢ The C-SCP must use RADIUS as the primary means for authentication. Local accounts must only be used when there are no servers available For RADIUS authentication.

➢ User account permission levels where appropriate should be kept on the local C-SCP rather than returning the values via RADIUS attributes.

SR-10 SS7 interface Requirement

➢ C-SCP may support SS7 Signaling in support of the platform and services.

SR-11 Routing requirement

➢ Time Dependent Routing elements shall use: time of day, day of week, day of year, or specific holidays to determine the terminating destination.

➢ Time Dependent Routing shall function across different time zones (areas).

➢ Time Dependent Routing shall have minimum granularity of one minute (60 seconds).

➢ Percent Allocation Routing shall support fixed weighted percentages to determine the terminating destination.

➢ Percent Allocation Routing shall have minimum granularity one percent. A value of 0% indicates temporary removal of a destination from route.

➢ The Number Translation Service shall support interaction between the features.(i.e. the features should be able to index to one another).

➢ The Number Translation Service should be able to detect a circular reference between features.

➢ The Number Translation Service shall support querying the CRE using SIP for LCR routing instruction when the terminating destination is a PSTN.(See Query CRE section for more details.)

➢ C-SCP must support querying Level 3 Core Routing Engine (CRE) using SIP Invite in support of Least Cost Routing (LCR).

SR-12 IPv4 and IPv6 ➢ C-SCP must support IPv4. ➢ C-SCP should support IPv6 both at IP

layer and in SIP messaging.

SR-13 SIP

➢ C-SCP must support SIP over UDP ➢ C-SCP must be RFC 3261 SIP

compliant. ➢ C-SCP must be compliant with the SIP

supporting RFCs: 2387, 3262, 3264 ➢ C-SCP must function as a SIP Stateless

Redirect Server for call requests from / tothe CRE or Level3 Gateways.

➢ C-SCP must function as a SIP Stateful Proxy for call requests from / to Level3 Gateways.

➢ When C-SCP receives a SIP Invite from another Gateway, C-SCP must be capable of mapping a Destination Trunk Group(DTG) tag to an IP Trunk Group on the C-SCP.

➢ C-SCP must support SIP-T per RFC 3372 for communicating with Level 3 Gateways as necessary.

➢ C-SCP may support SIP Session Timers per RFC 4028 for communicating with Level3 Gateways.

➢ C-SCP must support SIP-I per ITU Q.1912.5 for communicating with Level3 Gateways as necessary.

➢ C-SCP should support SIP UPDATE Method per RFC-3311.

SR-14 SNMP

➢ Access console via SNMP an alarm and report for any failure of any sub-component of C-SCP.

➢ C-SCP shall authenticate all SNMP requests and check all address against

an access control list. ➢ C-SCP shall support an SNMP agent

that communicates with resources within C-SCP, such as IP ports, to update the configuration of these resources, and to retrieve the status of these resources.

➢ SNMP bit counters must all be 64 bit counters

➢ C-SCP Media Resource Function must support sending voice related security failures, including packet drops, to a log file and log host (SNMP, syslog, etc.)

SR-15 Latency Requirement ➢ After a soft reset, C-SCP must recover the state of the Services within 5 minutes of reset.

➢ C-SCP shall support a boot time (ready for calls) of < 3minutes

6. System Concept Diagram

Figure 1: C-SCP as Stateful Proxy Server

Figure 2: C-SCP as Redirect Server

Figure 1 represents the diagram of stateful proxy server. A stateful proxy server keeps track of every request and response that it receives. As per the requirement, it can use the stored information in future. When it does not receive a response from the other side, it can retransmit the request.

It can remember the request that it has forwarded, so it can associate the response with other process. Sine, it maintains Transaction state, we call it as stateful proxy server.

Stateful proxy servers do not scale as much as stateless ones. Whereas, a stateless proxy server simply forwards the message it receives. This type

of server does not store any information of the transaction. Stateless proxies forget about the SIP request once it has been forwarded. They are very fast as they can scale very well. The different blocks in the diagram as explained below:

SIGNALING SYSTEM 7 (SS7):

SS7 is an international telecommunication’s standard that defines how network

elements in Public Switched Telephone Networks (PSTN) exchange information over a digital signaling network.

Nodes in an SS7 network are called Signaling Points. SS7 consists of channel such as Reserved or Dedicated, which are also known as

Signaling links. Signaling points are of three types, namely Service Switching Points (SSPs), Signal

Transfer Points (STPs) and Service Control Points (SCPs). SS7 uses out-of-band signaling, i.e. signaling information travels on a dedicated 56

kbps or 64 kbps channel. It does not use same channel as in the case of a telephone call. SS7 is used for setting up telephone calls more efficiently and services such as Call

forwarding and wireless roaming service can be easily added and managed. PSTN consists of Telephone lines, Fiber Optic cables, Cellular networks,

Communication Satellites. These are all interconnected by switching centers, which enables telephones to communicate with each other. MEDIA GATEWAYS (MG):

It is a device such as Circuit switched IP gateway or channel bank. It can convert data from the required format of one type of network to the required format of another.

Media gateways are used for Transcoding media between PSTN and IP networks. Media gateways connect different types of networks. Functions such as Echo

cancelation, DTMF and Tone sender are also present in the media gateway. Media gateway is also called a ‘Soft Switch’.

CORE ROUTING ENGINE (CRE): Routing Engine handles all packets of routing protocols. It frees the packet forwarding engine so that it can only handle Internet traffic packets. Routing engine constructs and maintains one or more than one routing tables.

The routing engine derives table of active routes from the routing tables. These are called forwarding tables, which are copied into the packet forwarding

engines. SERVICE CONTROL POINT (SCP):

It is a standard component of the telephone system, which is used to control the service.

SCPs are used in telecom industry for SS7 and SIP technologies. SCP also has service data point (SDP), which is used to hold the data base. Using this data base of the SDP, the SCP identifies the geographical number to which

the call is to be routed. SCP is also used to communicate with IP to play voice messages or prompt for information to the user like prepaid long distance using account codes.

SCP uses codes like ‘#’, which are used to terminate the input for a username or

password or it can be used for call forwarding. SCPs are connected with SSPs or STPs. It depends on the network architecture that

the network service provider wants. SCPs mostly used with STPs.

SERVICE BORDER CONTROLER (SBC):

It is a dedicated hardware device or software application which shows if the phone calls are initiated, conducted and terminated on a Voice over internet protocol (VoIP) network.

SBC acts as a router between the enterprise and carrier service and it allows only authorized sessions to enter the connection point (border).

It defines and monitors the quality of the service (status) for all sessions. By doing that, it ensures that the callers communicate with each other and the

emergency calls are delivered correctly and ensuring that the priority of those calla are above all other.

SBC also acts as a firewall for session traffic. It does that by applying it’s own quality

of service rules and it also identifies specific incoming threats that can be caused to the communication environments.

SBC provides measurements, access control and data conversion facilities for the calls they control.

7. Requirement Traceability Matrix

User Requirement Corresponding System Requirement

UR-01 SR-01 UR-02 SR-03 UR-03 SR-06 UR-04 SR-03,SR-14 UR-05 SR-03 UR-06 SR-03,SR-14 UR-07 SR-07 UR-08 SR-03 UR-09 SR-03,SR-05 UR-10 SR-13 UR-11 SR-02 UR-12 SR-04,SR-08 UR-13 SR-07,SR-09 UR-14 SR-07,SR-04 UR-15 SR-13 UR-16 SR-12,SR-14,SR-10 UR-17 SR-11,SR-12 UR-18 SR-05 UR-19 SR-05,SR-09,SR-12

8. Test Cases

REQUIREMENT

TEST CASE

CPU memory utilization warning. `

The CSC-P must generate an alarm when the CPU utilization reaches more than 50%. For this the system must run a various number of applications and then check whether the alarm triggers above 50% utilization.

C-SCP must generate a major alarm when memory fills to 80% capacity or above.

Fill the system's memory with data till the system is 80% filled and check whether the warning alarm rings or not.

C-SCP shall have at least two IP interface cards that share the network.

Insert one interface card which is working and one which is not working and check whether the system is still operational on a single interface card.

Local memory backup. For testing this we need to fail a system by any means and check whether the all management parameters and operation is immediately restored in local backup.

99.999% service availability. Keep the system under observation for 1 month and check that it is available 99.999% of times.

C-SCP will be able to report statistics such as traffic and rates , throughput , memory and buffer utilization.

We can check and calculate the traffic rate , throughput , memory utilization using the software such as HP loadrunner , HTTP load , proxy sniffer.

C-SCP must monitor disk capacity on all components.

The disk space of each component should be seen by the network administrator.

Command line interface (CLI) The system must support CLI so that the commands such as PING , TRACEROUTE , ARP can be be used in many applications.

Hot Swappable

Test for the various components like system cards, power by replacing the them and check whether the system remains operational

10SNMP Test for Manager and Agent configuration and Operation Test for separate login Access to Manager and Agent Test For MIB storage volatility.Higher security to MIB for data integrity.

Load Sharing Provide high data and voice traffic and test for the load sharing occurring through various network entities

Remote software upgrade and patches Check for Firmware repository and provide update through wireless or Software Defined Networks.

Minimum Boot time and Reboot time Switch on and off the system on regular basis to investigate for boot and reboot time.

Data service should not affect Call performance Flood the network with data exchange and voice calls and put the network under surveillance for 24 hours to check for performance interference.

RAID capable Connect various hard drives and check for the RAID compatibility and performance

SSH Access Test for Server connectivity. Test for link and port security. Test for Remote Validation of the user/network administrator. Implement ECHO message to check for the availability of the remote host

Multiple Login Session Access Check for port security and also remote login application to provide multiple login access and multiple sessions as well.

TFTP Check for server connectivity and try to get file via easy access

Simultaneous call support Make multiple calls per hour for a dedicated time and check for voice performance of the system

TELNET Access Test for server connectivity. Permit access to the remote host and check for various network performance parameters

EMS Run the system to check for FCAPS model Number Translation Service Make non-geographical calls and learn the

translation service. Playing of tones and customized announcements and tones must include DTMF and MF tones

Check that when user touches dial pad it playsdifferent tones for each number (as well as the "#" and "*").For instance, the number "1" is represented by the frequencies 1209 Hz and 697 Hz and also is subscriber notified when the called person is busy or when he is not available or any customized greeting the person has kept.

Support speech recognization for collecting information

Check if the system recognizes and collects the information or options selected by the user and accordingly proceed

Account Code Screening Test if system recognizes the account code from the call interaction

Collection of tones and its attempt. Check if it collects the dtmf codes and allows multiple attempts.

Authorize code screening Should authorize the call for any secure info access

Support PIN routing Allow PIN routing to get direct access to accurate destination

Call transfer Capability Transfer calls from one terminating point to other according to menu option selection

Call Queing If busy the caller should be held in queue and acknowledge him about wait time.

Hierarchical Access The call function must go in a hierarchy style i.e. the main menu point and then subpoints

Support querying level 3 CRE and LCR Check if system supports 2 or more CRE for queries using SIP and it should use least cost for that

Attributes of Query Check that is it collection all necessary info of the call i.e. calling party, charge party, originating party etc.

CDR should be maintained and if destroyed before consuming alarm should be generated

The CDR should be destroyed once before its consumed to see if the alarm is generated and if it doesn’t must take necessary steps.

Idle session timeouts During the non use it should go in sleep mode until its used again.

Security lab testing Test for its security by testing with array of denial of service attacks like its efficiency during traffic floods, syn attacks, malformed udp, tcpetc

Use RADIUS as means for authorization and remote monitoring.

Use RADIUS protocol for authorizing the caller based on Tripple‘A’ -Accounting, authorization and accounting. In case of any failure anywhere it should support remote monitoring to resolve it

9. RISK ANALYSIS

Attackers could exploit security holes in SS7 to track cell phone user’s, i.e.

subscriber’s movements and communication. They can also eavesdrop on

communication. SS7 is becoming more available to the untrusted parties. This opens multiple

opportunities for initiating fraudulent transactions on behalf of the subscribers. If an attacker intercepts a call, then there are various ways by which he can deny

services of various subscribers, like modifying user data, which results in loss of data integrity. There can be severe cases, where the subscribe data is entirely deleted.

SS7 is slow to take advantage of higher bandwidth technology, which are widely available in the computer industry, but are common in the Telecom infrastructure, which is why SS7 shares little possibility with the computer industry.

In the near future, companies might stop using SBCs and Media Gateways, which might lead to SBCs and Media Gateways becoming obsolete.

After system is employed, the standards might change very slowly, like in case of PSTN, this happens when the carriers are not interconnected.

In case of PSTN, the ability to switch a call and maintaining a reliable system can become very expensive.

With the growth of network multimedia services, the demand for Voice on Demand (VoD) and Voice over Internet (VoI) is increasing rapidly. Due to lack of large scale real world dataset, PSTN is not able to keep up with the changes.

There is a need of dedicated phone lines from the service providers because of the use of PSTN. The analog telephone lines use 64kbps in each direction.

In PSTN, features like Music on hold, conferencing, caller ID, call waiting are all available for an extra cost.

PSTN capabilities are difficult to upgrade and expand, because it involves several additions of hardware and adding lines.

10. MITIGATION

In order to stop today’s most pervasive attacks, a recommended set of actions called

as The Critical Security Controls (CSC) are used. These are very effective Cyber Defensive actions, which provide very specific ways to stop the attacks.

The problems with security can be resolved by moving the subscriber to a separate signaling channel, which will cause the subscriber to not have access to the signaling channel and also switching traffic to alternate routes in case of failure.

In order to improve the detection of the attacks, various custom types of filters can be used. For example, a Snort filter can be used, which can be used for detection of attackers who track the location of subscribers.

Given the criticality of the network, regular internal/external penetration testing should be conducted against the core network. It will provide us the advantage of detection, isolation and troubleshooting of the problem/attack before it gets to the root of network and causes major issues.

IP based communication technologies are picking up pace and they are accepted in place of SBCs and Media Gateways. This is because IP based phone systems are much more functional and cost effective, which makes them important for all businesses. This will lead into transformation in the ways employees operate them on daily basis.

In VOIP, we need only one internet connection to transmit all voice channels and because VOIP uses compression, therefore it needs only 10kbps in each direction.

Using VOIP, features like Music on hold, conferencing, caller ID, call waiting are available at free of cost.

VOIP can be easily enhanced by just upgrading the software and including additional bandwidth.

Average call cost is cheaper in case of VOIP as compared to that in case of PSTN. VOIP will allow addition of new features like HD voice and Over The Top (OTT). It also helps in reducing the cost of interconnection.