sms defense white paper
TRANSCRIPT
© Copyright 2008 Sevis Systems, Inc.
SMS Defense® White Paper
Transparent Mobile-to-Mobile SMS Spam and Fraud Control.
September 15, 2008
© Copyright 2008 Sevis Systems, Inc.
Table of Contents
1. SMS Defense ................................................................................................................................................................. 1
1.1. The Challenge: Prevent Mobile-to-Mobile SMS Spam and Fraud.......................................................................... 1
1.2. The Point Code Based Approach: Route All SMS to an Additional Core Network Node ...................................... 3
1.3. The SMS Defense Solution: Transparent SMS Spam and Fraud Control ............................................................... 5
1.3.1. Core Capabilities .............................................................................................................................................. 5
1.3.2. Architecture ...................................................................................................................................................... 8
2. Defense View............................................................................................................................................................... 10
2.1. Event Log Data Mining ......................................................................................................................................... 10
2.2. CDR Generation .................................................................................................................................................... 11
3. Signaling ASE® System: No Point Code, Many Solutions ......................................................................................... 12
3.1. System Overview................................................................................................................................................... 12
3.2. Technical Specifications........................................................................................................................................ 14
© Copyright 2008 Sevis Systems, Inc. 1
1. SMS Defense
1.1. The Challenge: Prevent Mobile-to-Mobile SMS Spam and Fraud
Mobile-to-mobile SMS spam and fraud comes in many forms and can cause substantial damage with respect to
customer satisfaction, financial performance and network operations. A sample of recent coverage of the problem
includes:
• John White, of the telecommunications analyst firm Portio Research, says, “There’s no doubt text spam is
costing operators real money, but what they’re even more concerned about is the effect it has on the churn
rate of their customers. Phone users who are irritated by spam or are billed for messages they didn’t send
are very likely to move networks. A solution that can stop spam and help maintain good customer relations
is going to be widely welcomed.” (Source: Mobile Europe)
• “Their method is simple but highly effective, enabling the sending for free of thousands of messages that
appear to come from a mobile phone roaming on another network. The result is not only that innocent
mobile operators are carrying unwanted traffic, but that their customers are being deluged with unwanted
offers – and some are even being billed for messages they did not send.” (Source: Mobile Europe)
• Insights into Mobile Spam, World’s First Collaborative Empirical Study released by the University of St.
Gallen, Switzerland, indicates more than 8 in 10 mobile phone users surveyed have received unsolicited
messages and 83% of telecommunications industry respondents perceive mobile spam to be a critical issue.
(Source: International Telecommunications Union)
• “Malicious hackers could take down cellular networks in large cities by inundating their popular text-
messaging services with the equivalent of spam,” said Penn State computer security researchers. (Source:
New York Times)
• “China has ordered telcos to purge spam SMSes of smut and other ‘unhealthy’ influences, including
‘superstitious content’ like fortune telling. The Ministry of Information Industry made the pronouncement
today on its website which declared: ‘Recently, there has been a lot of dirt hidden in the telecommunication
networks. The situation is serious.’” (Source: The Register)
The most common types of mobile-to-mobile SMS spam and fraud active today are summarized in the table below:
Table 1. Common Types of Mobile-to-Mobile SMS Spam and Fraud.
Type How Caused Risk to the Operator
Spamming Unwanted messages are delivered to
subscribers
Irritated subscribers, degraded network
performance, blamed for spam relay
Flooding Remote system sends massive numbers of
messages targeting subscribers and nodes
Overload in the signaling network, home
operator incurs relay operator costs
Faking Foreign system uses identity of a legal
SMSC (i.e. MT faking)
Home operator cannot collect termination
fees
Spoofing Messages sent illegally by simulating
subscribers who are in a roaming situation
(i.e. MO spoofing)
Subscribers wrongfully billed for unsent
messages and perhaps unwanted content
Smishing Messages that appear to be from a valid
company attempt to acquire subscriber
information
Subscriber annoyance, billing issues,
potential to spread viruses which in turn
can result in more spam
Viruses Hacker engine launches messages luring
subscribers to a download site with viruses
Compromised handsets cause customer
service problems and may send unwanted
messages
© Copyright 2008 Sevis Systems, Inc. 2
The overarching provider concerns with respect to the impact mobile-to-mobile SMS spam and fraud can have on a
provider’s customers, network and financial performance are that it:
• Irritates subscribers and in turn increases churn, raises support costs and casts a negative light on the carrier’s brand. Subscribers find spam annoying and many regard it as an invasion of privacy. It also
results in unwarranted charges leading to customer frustration.
• Results in lost revenue for inter-carrier messages. With SMS fraud, the sender assumes the identity of a
valid subscriber or SMSC, so the operator receives no termination fee.
• Increases operational costs because of the large volumes of unauthorized messages. SMS spam and
fraud can degrade network and SMSC performance and at times severely impact them (in some instances
acting as a Denial of Service network attack).
• Damages the adoption of revenue-producing services. Spam can destroy trust in an operator, leading
subscribers to opt-out of emerging mobile advertising and m-commerce opportunities.
The figure below shows the typical paths that mobile-to-mobile SMS spam and fraud take to gain network access.
The red arrow on the left side of the diagram is meant to demonstrate “On-Net” SMS spam and fraud, meaning it is
generated by a subscriber that is operating within a carrier’s own network. The red arrow originating on the right
side of the diagram is meant to demonstrate “Off-Net” SMS spam and fraud, meaning it originates on another
carrier’s network and gains network access via a carrier’s SS7 carrier-to-carrier interconnect links.
Example of Mobile-to-Mobile SMS Spam and Fraud Gaining Network Access
Figure 1
In order to prevent mobile-to-mobile SMS spam and fraud, every SMS message that originates on a carrier’s own
network or that attempts to enter a carrier’s network via SS7 carrier-to-carrier interconnect links must at some point
prior to being delivered to the destination subscriber be inspected to ensure that the message:
• Is from a legitimate source (in the case of MT faking or MO spoofing).
• Does not contain inappropriate content (in the case of smishing, viruses or unauthorized content).
• Is not part of an unauthorized “mass mail” campaign (in the case of unsolicited spamming).
• Is not part of an attempt to disrupt the operations of the individual subscriber, a network node or the
network itself (in the case of message flooding).
© Copyright 2008 Sevis Systems, Inc. 3
1.2. The Point Code Based Approach: Route All SMS to an Additional Core Network Node
The most common approach currently used to prevent mobile-to-mobile SMS spam and fraud is to deploy a Point
Code Based SMS anti-spam and fraud element(s) within a carrier’s SS7 core network as shown below.
Example of a Point Code Based SMS Anti-Spam and Fraud Solution
Figure 2
The mechanics of identifying mobile-to-mobile SMS faking and spoofing are well established and vary little
between mobile-to-mobile SMS anti-spam and fraud vendors. Therefore, implementation of SMS fraud and spam
identification rules/algorithms is not a significant point of differentiation. Consequently, the more common points
of differentiation between Point Code Based solution vendors include:
• Whether they provide “rudimentary” or “advanced” content inspection.1
• The degree to which messages can be controlled post-inspection.2
• Management system employed (web-based, GUI-based, etc.).
• System performance with respect to number of messages handled per second.
• Pricing model (many use a “per message/transaction” model versus a flat one-time “per link” model).
1 Content inspection can be categorized as being “rudimentary” or “advanced,” with rudimentary inspection being the ability to filter messages
based on specific key words or phrases while enhanced inspection is the ability to perform content analysis within a more adaptive and flexible
search framework. A discussion of content inspection capabilities is relevant when trying to identify spam or smishing activities. 2 Message control can be categorized as being “rudimentary” or “advanced” as well, with rudimentary control being the ability to pass or stop
(block) messages depending on customer-defined control policies while advanced control is the ability to perform additional message control
functions such as message thresholding (throttling).
© Copyright 2008 Sevis Systems, Inc. 4
While Point Code Based solutions may differ among themselves with respect to these capabilities and features, they
all share the same distinct disadvantages because of their Point Code Based nature, disadvantages that include:
• All Off-Net mobile-to-mobile SMS spam and fraud is allowed to enter a carrier’s signaling network
unchecked and consume STP/Gateway resources.
• Every Off-Net and On-Net SMS message must first be routed to the Point Code Based node (or nodes)
before being sent to an SMSC, increasing the amount of SMS traffic in a carrier’s SS7 core and consuming
additional network resources.
• Because this approach requires an SS7 point code, carriers must reengineer their SS7 network and in some
cases deploy intelligent routing mechanisms and additional STP resources to enable the redirection of the
flow of SMS traffic.
© Copyright 2008 Sevis Systems, Inc. 5
1.3. The SMS Defense Solution: Transparent SMS Spam and Fraud Control
1.3.1. Core Capabilities
In contrast to taking a Point Code Based approach to preventing mobile-to-mobile SMS spam and fraud, SMS
Defense resides transparently (i.e. it does not require a point code) on both carrier-to-carrier SS7 interconnect links
and internal SMSC signaling links. With SMS Defense, SMS messages do not have to be routed to a new network
node before being sent to an SMSC. Additionally, off-net SMS spam and fraud can be stopped before it has the
chance to access your external facing STPs/Gateways.
SMS Defense is equipped with the core capabilities needed to manage SMS spamming, flooding, faking, etc. along
with enhanced content filtering and advanced control features that include message thresholding and response. And
because it utilizes the “transparent” Signaling ASE application platform, SMS Defense does not require any network
re-engineering to install it and it can be positioned anywhere within your signaling network, including the Radio
Access Network perimeter or “Access Edge” (i.e. on BSC-MSC links). The SMS Defense application leverages the
Signaling ASE® Platform’s highly distributed SS7 front-end architecture to implement network-wide rules and
polices on any SS7 link.
Example SMS Defense Network Deployment
Figure 3
© Copyright 2008 Sevis Systems, Inc. 6
Table 2. Comparing the Point Code Based Approach to the Network Transparent SMS Defense Approach
Benefit Point Code Approach SMS Defense Approach
Spamming Protection � �
Flooding Protection � �
Faking Protection � �
Spoofing Protection � �
Smishing Protection � �
Virus Protection � �
Enhanced Content Filtering Varies �
Stops spam at the network perimeter �
Does not increase SMS traffic in the SS7 core �
Advanced message control �
No SS7 network re-engineering required �
The table below describes how SMS Defense can be used to control mobile-to-mobile SMS spam and fraud.
Table 3. Controlling Mobile-to-Mobile SMS Spam and Fraud using SMS Defense.
Type How to Prevent with SMS Defense
MO Spoofing
of Home
Network
Subscribers
Implement rules that perform the following:
- Verify the originating MSISDN is legitimate.
- Verify the originating subscriber’s location in the MO matches that stored in the HLR.
- Verify subscriber’s location for inbound MO into the network is not from a location
internal to the network (SMS MOs cannot arrive from such a location on the interconnect
links).
MT Spoofing
of Home
Network
Subscribers
Implement rules that perform the following:
- Verify originating MSISDN is not one of your subscribers:
∼ External SMSCs should not be delivering SMS messages of your subscribers.
∼ If an inbound SMS MT contains one of your MSISDNs as the originating address, then it
has been spoofed.
- Validate premium short codes and alphanumeric addresses that are allowed as Originating
Addresses.
MT Faking Implement rules that perform the following:
- Validate SRI-SM by determining that the originating SMSC address is consistent within
the SCCP (CgPA) and MAP (Service Center Address) layers.
- Validate MT-SMS by determining that the originating SMSC address is consistent within
the SCCP (CgPA) and MAP (Service Center Address) layers.
- MT delivery via the home network to detect and stop faking:
∼ Modify SRI-SM response with virtual MSC location (SCCP Called Party Address) and
IMSI mask (Correlation ID); and store originating GT of SRI-SM, actual MSC location,
and actual IMSI.
∼ Verify that an SRI-SM has occurred previously for a received MT.
∼ Validate originating GT of subsequent MT against originating GT of previous SRI-SM:
� If they match; there is no faking. Replace virtual MSC location with the actual MSC
location and replace the IMSI mask (Correlation ID) with the actual IMSI, and forward
on to destination subscriber.
© Copyright 2008 Sevis Systems, Inc. 7
� If they do not match; the message is faked.
- The system functions as an SMS Router in transparent mode according to 3GPP TR
23.840. As such, the system proxies any delivery status messages back to the originating
SMSC.
SMS Flooding Implement rules that perform the following:
- Monitor peak SMS message rates against expected levels. If observed rates are beyond
expected levels, source is identified for inclusion in a blacklist rule. Each source can be
aged out over a user-configured amount of time.
- Thresholding for known flooding addresses:
∼ Per destination network node (or node type or group).
∼ Per sending network or sending subscriber.
∼ Across all sending networks or all sending subscribers.
- Prevents abnormal traffic spikes from causing congestion to point of service denial.
- Enables optimization for legitimate traffic only.
Virus Implement rules that perform the following:
- Detect and prevent known UDH virus patterns.
- Verify UDH content is correctly formed according to GSM 03.40.
Unwanted
Content
Implement rules that perform the following:
- Screen for pre-defined key words or pattern matches (regular expressions in message text).
- Utilize message fingerprinting algorithms to identify/track spam and smishing attempts.
SMS Defense also comes with the capability to create whitelist rules to ensure that trusted entities are always
allowed to pass so that service agreements are always maintained.
The figure below provides an example of a mobile-to-mobile SMS delivery that is unauthorized. The top half of the
diagram shows what happens in the absence of a mobile-to-mobile SMS anti-spam and fraud solution such as SMS
Defense while the bottom half of the diagram demonstrates how the attempted SMS delivery is stopped with the
presence of SMS Defense on the carrier’s SS7 carrier-to-carrier interconnect links.
Example of an Unauthorized Mobile-to-Mobile SMS Delivery
SMS
Defense
SMS
Defense
Figure 4
© Copyright 2008 Sevis Systems, Inc. 8
1.3.2. Architecture
The figure below highlights SMS Defense’s overall system architecture:
SMS Defense Overall System Architecture
SMS DefPlatform
InterconnectCarrier Network
InterconnectCarrier NetworkSMSC
SMS DefPlatform
STP orGateway
SMSC
InternalNetwork Nodes
Netw
ork
Perim
ete
r
SMSPolicy Server
SS7/Sigtran
IP
ManagementServer
GUI Client
IP Network
SMS DefPlatform
InterconnectCarrier Network
InterconnectCarrier NetworkSMSC
SMS DefPlatform
STP orGateway
SMSC
InternalNetwork Nodes
Netw
ork
Perim
ete
r
SMSPolicy Server
SS7/Sigtran
IP
ManagementServer
GUI Client
IP Network
Figure 5
The SMS Defense system is comprised of four core functional elements all interconnected using secure IP-based
network connections. Together, they form a highly-available, best of breed architecture for defending networks and
subscribers against SMS spam, spoofing, faking and flooding.
The SMS Defense architecture allows operators to leave the flow of SMS traffic alone. It does not require re-
engineering SMS routes within your network. SMS Defense transparently “plugs” into the network as is.
Furthermore, this exclusive architecture enables operators to control all types of inappropriate traffic including
fraudulent calls, SIM box calls and other unauthorized SS7 traffic as provided by Active Fraud Eliminator and
Signaling Defense.
Table 4. SMS Defense System Core Functional Elements.
Function Description
Platform - Responsible for transparent access to signaling messages and policy enforcement (i.e.
blacklist rules, whitelist rules, etc.).
- Provides a distributed front end to the SMS Policy Server.
- Patented, carrier grade platform requiring no SS7 point code to install.
- Can be deployed on SS7 Low Speed or High Speed links and Sigtran based links.
- Automatic link protection provided via hardware-based relays that close automatically if a
failure occurs, immediately connecting T1/E1 paired ports at the physical layer.
- Rack-mountable 2U chassis.
- Chassis clustering provides additional scalability to enable very large deployments.
© Copyright 2008 Sevis Systems, Inc. 9
SMS Policy
Server
- Provides active-active, stateful backend analysis functions.
- Detects and controls SMS spoofing, faking, flooding and viruses.
- Provides keyword content filtering.
- May “pass” control policies to SMS Defense Platform for enforcement.
- Provides “message fingerprinting” algorithms and techniques to identify and track spam
and smishing attempts.
- Connects to the Platforms with redundant IP connections.
- Provides for easy expansion to enable additional processing power and scalability.
- Runs on standard Linux servers and can scale to thousands of messages per second.
Management
Server
- Provides centralized system and application management.
- Allows carriers to simultaneously administer one or more platforms.
- Supports SNMP for forwarding faults and events to other network management systems.
GUI Client - Menu-driven, point and click graphical user interface for policy creation and system
management, to include access to reporting functions.
- Configuration wizards, multi-level security access and intuitive status indicators.
- Java-based and can be loaded on any Windows or Linux computer.
- Network engineers do not have to go out into the field to troubleshoot issues.
© Copyright 2008 Sevis Systems, Inc. 10
2. Defense View Defense View
® provides data mining capabilities for Signaling Defense
®, SMS Defense
® and AFE event logs along
with CDR generation for use in a carrier’s visibility system or FMS.
2.1. Event Log Data Mining
Whenever a user policy “triggers,” it can be configured to generate a log.3 Each time a log is generated, it is stored
in a centralized database. Defense View provides a carrier with the means to mine their event logs in order to refine
their network policies as well as perform post-event analysis on an individual event and multi-event basis.
Examples of the kind of filters available that can be used to mine log data include (a single query can include
multiple filters):
• Rule ID – Rule that triggered the log.
• Message Type – Type of message that triggered the log.
• Originating Point Code – The originating point code of message triggering the log(s).
• Destination Point Code – The destination point code of message triggering the log(s).
• SMS Addresses – The originating and destination addresses of the SMS message triggering the log(s)
• Calling Party Number – The Calling Party Number of the message triggering the log(s).
• Called Party Number – The Called Party Number of the message triggering the log(s).
• Action – Action associated with the rule that triggered the log(s).
• Physical Equipment – The Platform(s) and card(s) associated with the log(s).
• Top Counts – Most active.
• Bottom Counts – Least active.
• Time of Day – Time of day (range).
Example: Rule Trigger Event with Message Decode to See Parameter Values
Figure 6
3 Please note an event can be defined as a policy causing a “passive trigger” whereby an event is generated for a policy but no action beyond
archiving that the event happened occurs (i.e. the message is not stopped, modified, rerouted, etc., only archived).
© Copyright 2008 Sevis Systems, Inc. 11
Example: Count of Rule Triggers per OPC and DPC Pair
Figure 7
2.2. CDR Generation
The Signaling ASE System (see Section 6) has the capability to generate CDRs for use by 3rd
party Fraud
Management and Network Visibility systems. CDRs can be generated while the system is either in “listening” or
“active” mode.
© Copyright 2008 Sevis Systems, Inc. 12
3. Signaling ASE® System: No Point Code, Many Solutions
3.1. System Overview
Signaling Defense, SMS Defense and Active Fraud Eliminator each utilize the patented Signaling ASE System that
is comprised of the ASE Platform (the transparent signaling network element) and the ASE Manager.
Unlike other SS7 network elements or application delivery systems, the ASE Platform
(image to the right) does not require an SS7 point code, eliminating the need for signaling
network re-engineering and enabling rapid system deployment. The ASE platform does
not require a point code because it is a layer two node whereas most other SS7/C7
network nodes are layer three devices. This means the ASE platform terminates
signaling links up through layer two versus layer three. Point codes live at layer three in SS7/C7, therefore, no point
code is required. To account for discarded and/or inserted messages, independent Message Transfer Part (MTP) 2
sequence numbers are maintained on both sides of the platform, just as a layer three node would behave as messages
are transferred from one link to another.
SS7/C7 link behavior does not change by deploying the ASE platform. It is fully compliant with all SS7/C7
network conformance standards. It does not hinder in any way the normal flow and function of traffic. In fact, all
messages pass through by default. The platform does not generate any network management messages either, and
link changeovers are still managed by the existing signaling endpoints.
The ASE Platform is NEBS certified and was designed for five nines availability. High availability is achieved with
automatic link protection (ALP) features and redundant, hot-swappable components. ALP is provided via hardware-
based relays with relay contacts closing automatically if a failure such as power loss, RTM/TIM removal, RTM/TIM
hardware failure or TIM software failure (loss of heartbeat) occurs. In the event of a failure, the system immediately
connects T1/E1 paired ports at physical layer, removing the TIM from the network quickly and cleanly and enabling
the platform to appear as a wire to the network. With ALP and redundant, hot-swappable components, there are
multiple layers of protection in hardware and software, ensuring signaling links are always “up and running.”
Automatic Link Protection
TIMApplications
Normal Operation
(Bridged)
SS7 Link OutSS7 Link In
TIM MTP StackHeartbeat
H/W Failure
TIMApplications
ALP Operation
(Bypass)
SS7 Link OutSS7 Link In
TIMMTP StackHeartbeat Failure X
RTM
TIM
TIMApplications
Normal Operation
(Bridged)
SS7 Link OutSS7 Link OutSS7 Link InSS7 Link In
TIM MTP StackHeartbeat
H/W Failure
TIMApplications
ALP Operation
(Bypass)
SS7 Link OutSS7 Link OutSS7 Link InSS7 Link In
TIMMTP StackHeartbeat Failure X
RTM
TIM
Figure 8
© Copyright 2008 Sevis Systems, Inc. 13
The ASE System can be utilized in either “listening” or “active” mode. In “listening” mode, it acts much like a
probe in that it can copy all or select SS7 messages and then route them over IP to another device for processing
(useful in visibility and diagnostic applications, location services, etc.). In “active” mode, the ASE System can
perform comprehensive message control, to include being able to, on a message-by-message basis:
• Stop messages
• Threshold messages (allow X of N)
• Modify messages
• Respond to messages
• Re-route or offload messages (over IP for example)
• Insert messages (such as SMS messages)
The ASE Platform supports a diverse set of wireless, wireline and IP protocols and has an open architecture for
rapid development of new software applications. Additionally, the ASE platform scales easily as a layer two node.
It can support large deployments by simply clustering systems together via secure IP. Clustering is a
straightforward process given that no point codes are required and the platform’s backplane supports packet
switching. This enables a distributed architecture that can support even the largest global networks. Multiple
systems function and are managed as a single logical entity. With the ASE Platform, carriers can support the largest
global networks.
The ASE Manager provides centralized system and application management. Its distributed client/server architect-
ure allows carriers to simultaneously administer multiple platforms. Alerts are sent via broadcast, pager, e-mail or
SNMP to inform clients of any alarm situation, and the management interfaces of any platform or client can be
encrypted.
The ASE Client ensures an intuitive provisioning experience with its menu-driven, point and click graphical user
interface. System management is performed with user-friendly features including: configuration wizards, multi-
level security access and intuitive visual status indicators. With the ASE Client, network engineers do not have to
go into the field to analyze or troubleshoot any issues. The Java-based client can be loaded on any Windows or
Linux computer.
© Copyright 2008 Sevis Systems, Inc. 14
3.2. Technical Specifications
The proceeding specifications apply to the Signaling ASE system and in turn SMS Defense:
Table 5. Signaling ASE Technical Specifications.
Protocols
ANSI
- T1.111 MTP
- T1.113 ISUP
- T1.112 SCCP
- T1.114 TCAP
- AIN 0.1/0.2
- IN
- ANSI-41 D
- WIN
ITU/ETSI/3GPP
- Q.701 – Q.705, Q.707 MTP
- Q.761 – Q.764 ISUP
- Q.711 – Q.714 SCCP
- Q.771 – Q.774 TCAP
- Q.721 – Q.724 TUP
- INAP CS-1/CS-2
- GSM MAP
- CAMEL
Sigtran
- M3UA
- M2PA
Application
- SMPP
- SS7oIP
Platform Specifications
Power Supplies and Fans
- N+1 redundancy
- Hot swappable
- DC (-48V)
- A and B DC power feed
Temperature Range
- Operating: -5°C to +55°C (23°F
to 131°F)
- Storage: -40°C to +70°C (-40°F
to +158°F)
Platform Specifications (Cont.)
Chassis
- 2 U high, rack-mountable
chassis
- 19” (482.6 mm) or 23” (584.2
mm) rack mount
- Packet switching backplane
- 3 trunk interface module slots
- Up to 12 T1/E1s per platform
- Up to 48 transparent low speed
SS7 links per chassis
- Up to 3 transparent ATM high
speed links per chassis
- Chassis clustering
- Alarm status display module
- Telco alarm interface (dry/wet
contact relay)
- 5 10/100 Base-T Ethernet ports
- Hardware/software status
reporting
Trunk Interface Module
- Up to four T1/E1s
- Up to 16 transparent low speed
SS7 links
- Up to 1 transparent ATM high
speed link
- A, B, C, D, E, F links
- Channel associated signaling
- T1/E1, RJ-48C
- Hot swappable
- 3 10/100 Base-T Ethernet ports
- Drop and insert grooming
- Automatic link protection
- LED status indicators
- Rear transition module
Regulatory Compliance
- NEBS Level III certified
- ETSI 300 019 2-1 to 2-4
- CE
- FCC Part 15, Class A (CSA)
Management Server
Architecture
- Centralized client/server
- Dual processor
- RAID 5
- Hot-plug hard drives
- Hot-plug redundant power
supplies
- Java-based GUI client
Event Management
- Event filtering with audible
event notification
- Hardware/software status
reporting
Performance Management
- CPU and memory utilization
monitoring
- Link status monitoring
- Detailed platform/server
statistics
Security Management
- User-configurable multi-level
security access
- User authentication and activity
timeout
- Encrypted management
interfaces
User management
- Concurrent users
- User messaging