[VOIPSEC] Sox and voip
Barry Weber
bweber at mercury.com
Tue Apr 19 12:03:38 CDT 2005
Sox specifies that an IT framework must be employed to ensure that controls exist and can be audited. It does
not specify the framework. Many organizations have chosen COBIT.
Barry Weber
Testing and compliance
240.250.1600
-----Original Message-----
From: Voipsec-request at voipsa.org [mailto:Voipsec-request at voipsa.org]
Sent: Tue Apr 19 04:21:16 2005
To: Voipsec at voipsa.org
Subject: Voipsec Digest, Vol 4, Issue 20
Send Voipsec mailing list submissions to
Voipsec at voipsa.org
To subscribe or unsubscribe via the World Wide Web, visit
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
or, via email, send a message with subject or body 'help' to
Voipsec-request at voipsa.org
You can reach the person managing the list at
Voipsec-owner at voipsa.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Voipsec digest..."
Today's Topics:
1. Re: RE: Call Detail Records for VOIP Calls (Kyle)
2. RE: Call Detail Records for VOIP Calls (Geoff Devine)
3. Re: RE: Call Detail Records for VOIP Calls (Diana Cionoiu)
4. Securing Softphones..........??? (Randall Shimizu)
5. RE: RE: Call Detail Records for VOIP Calls (Will Parton)
----------------------------------------------------------------------
Message: 1
Date: Sun, 17 Apr 2005 13:54:45 -0700
From: Kyle <junkma1l at cox.net>
Subject: Re: [VOIPSEC] RE: Call Detail Records for VOIP Calls
To: Mark Teicher <mht3 at earthlink.net>, voipsec at voipsa.org
Message-ID: <005301c5438f$b2876850$b903a8c0 at PC3>
Content-Type: text/plain; format=flowed; charset=iso-8859-1;
reply-type=original
Yes, CDRs for VoIP I've found to contain much greater detail than even many
enterprise PBXs. Configurability of the output can be somewhat of an issue,
but most are provided in some sort of XML or csv format that makes it even
easier for parsing and analysis than the proprietary formats available via
traditional Class 5 or PBX environments. Whether the systems are based on
trunk groups or network gateways, it's rather trivial to sort these however
desired or puchase a mediation system to do this for you with CDRs including
directionality. I'm not familiar with any specifics in SOX to recommend the
logging requirements, but as the bulk of these systems are *nix or Windows
based, they should be able to be as compliant as any of the database
requirements if engineered as such.
-Kyle
----- Original Message -----
From: "Mark Teicher" <mht3 at earthlink.net>
To: <voipsec at voipsa.org>
Sent: Tuesday, April 12, 2005 12:50 PM
Subject: [VOIPSEC] RE: Call Detail Records for VOIP Calls
> Has anyone dealt with configuration of Call Detail Records for VOIP calls?
> What is the logging requirements for Sarbanes-Oxley regarding how CDR
> records are to be kept and what format??
> Can call detail records be split into incoming and outgoing calls based on
> trunk groups routing voice traffic and then re-assembled for investigative
> reasons?
> What about parsing through call detail records for unusual calling
> patterns or duration based calls ??
>
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
------------------------------
Message: 2
Date: Sun, 17 Apr 2005 21:24:18 -0400
From: "Geoff Devine" <gdevine at cedarpointcom.com>
Subject: [VOIPSEC] RE: Call Detail Records for VOIP Calls
To: <Voipsec at voipsa.org>
Message-ID:
<9CDE330E7358724EA30D93598D24DE4A84EEC6 at exchange.cedarpointcom.com>
Content-Type: text/plain; charset="us-ascii"
North American VoIP billing tends to conform to the GR-1100 format spit
out by any Class 5 office. Back Office billing systems understand it
and there are a lot of operators who outsource billing to third parties
that would charge extra if billing records were delivered in some other
format.
For voice over cable, the CableLabs PacketCable architecture has all
core elements (soft switches, media gateway controllers, media gateways,
and CMTSs) report events to a record keeping server (RKS) using RADIUS
and home-brew objects added to RADIUS messages to both debug the system
and generate billing records. Somewhere in the magic behind the RKS,
GR-1100-style billing records get kicked out. In practice, pretty much
all soft switches kick out GR-1100 billing records and there many
deployments don't actually use an RKS.
GR-1100 lets you embed extra data in the call record. What many vendors
do is log voice quality statistics as collected at the two endpoints of
the call. It gives operators a handle on packet loss, delay, and jitter
attributes.
I imagine that most VoIP PBX implementations use a more PBX-like CDR
format. There are dozens of permutations but most look something like
the old AT&T Dimension PBX CDR record. I haven't dealt with PBX billing
record formats in quite a while but it's unlikely that anybody is going
to re-invent the wheel. Pretty much all CDR systems kick out a record
when the call starts, when the call ends, whenever the user invokes a
feature, and periodically when the call has been up for a long period of
time. In the dark ages, this went out an RS-232 serial port but
interconnect these days is more likely to use telnet or FTP.
Geoff
----------------------------------------------------------------------
From: Robert Moskowitz <rgm at icsalabs.com>
Subject: Re: [VOIPSEC] RE: Call Detail Records for VOIP Calls
To: Mark Teicher <mht3 at earthlink.net>,voipsec at voipsa.org
Message-ID: <6.2.1.2.2.20050415173120.0385cbd0 at localhost>
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 03:50 PM 4/12/2005, Mark Teicher wrote:
>Has anyone dealt with configuration of Call Detail Records for VOIP
calls?
>What is the logging requirements for Sarbanes-Oxley regarding how CDR
>records are to be kept and what format??
How is this any different than CDR from the company PBX?
>Can call detail records be split into incoming and outgoing calls based
on
>trunk groups routing voice traffic and then re-assembled for
investigative
>reasons?
>What about parsing through call detail records for unusual calling
>patterns or duration based calls ??
>
>
------------------------------
Message: 3
Date: Mon, 18 Apr 2005 00:46:59 +0300 (EEST)
From: Diana Cionoiu <diana-liste at voip.null.ro>
Subject: Re: [VOIPSEC] RE: Call Detail Records for VOIP Calls
To: Robert Moskowitz <rgm at icsalabs.com>
Cc: voipsec at voipsa.org
Message-ID: <Pine.LNX.4.50.0504180027470.8437-100000 at dragoshel>
Content-Type: TEXT/PLAIN; charset=US-ASCII
Hello,
We had the CDR problem recently and we start to look on what CDR should
actualy be.
Our special problem was that Yate is also a PBX and we must implement CDR
for stuff like transfers and conferences, and combinations between those.
In fact the problems seems to be that the telephony systems (call it
gateway, PBX whatever) know about channels, and the billing is made based
on calls not on channel.
In the end the best solutions seems to be compatibility with Cisco
systems, which consider each open channel a call leg (think especialy for
VoIP calls, where the channel is created for each call). So we actualy
send out of the system, via a database, or a file or whatever (Yate is
very flexibile so is never sure what you have outside), as acurate as
possibile and then we let the billing application to do his job. Normaly
billing application should be to define by certain rules what a "call"
means, and based on that information to calculate how much a "call" costs.
Gateway is the most simple case, you have 2 "call legs" which are defining
a "call", but think that if you have a calling card platform you will
probably want to bill only the voip call but for the one who generate the
call.
How can you do all those combinations if you don't give out the call legs?
Diana
> At 03:50 PM 4/12/2005, Mark Teicher wrote:
> >Has anyone dealt with configuration of Call Detail Records for VOIP calls?
> >What is the logging requirements for Sarbanes-Oxley regarding how CDR
> >records are to be kept and what format??
>
> How is this any different than CDR from the company PBX?
>
> >Can call detail records be split into incoming and outgoing calls based on
> >trunk groups routing voice traffic and then re-assembled for investigative
> >reasons?
> >What about parsing through call detail records for unusual calling
> >patterns or duration based calls ??
> >
> >
> >
> >_______________________________________________
> >Voipsec mailing list
> >Voipsec at voipsa.org
> >http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
> Robert Moskowitz
> Senior Technical Director
> ICSA Labs, a division of Cybertrust, Inc.
> W: 248-968-9809
> F: 248-968-2824
> E: rgm at icsalabs.com
>
> There's no limit to what can be accomplished
> if it doesn't matter who gets the credit
>
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
------------------------------
Message: 4
Date: Mon, 18 Apr 2005 10:43:38 -0800
From: "Randall Shimizu" <rshimizu at consultant.com>
Subject: [VOIPSEC] Securing Softphones..........???
To: Voipsec at voipsa.org
Message-ID: <20050418184339.0C65786ADF at cal1-1.us4.outblaze.com>
Content-Type: text/plain; charset="iso-8859-1"
I was wondering if anyone has any recommendation for securing softphones....??? I know that NIST has
recomenned against using them.
--
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm
------------------------------
Message: 5
Date: Mon, 18 Apr 2005 17:00:32 +0100
From: "Will Parton" <will.parton at invocom.com>
Subject: RE: [VOIPSEC] RE: Call Detail Records for VOIP Calls
To: <Voipsec at voipsa.org>
Message-ID: <HESA02UKERRNogwohdM00003fb7 at HESA02UKER.HE.LOCAL>
Content-Type: text/plain; charset="us-ascii"
It's been quite a while since I was working on VoIP billing but you might
want to take a look at http://www.ipdr.org/. Two or three years ago IPDR
was having reasonable traction amongst equipment suppliers looking to
reflect VoIP call features in billing streams.
Regards
Will
_____________________
Will Parton
Invocom Ltd
will.parton at invocom.com
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Geoff Devine
Sent: 18 April 2005 02:24
To: Voipsec at voipsa.org
Subject: [VOIPSEC] RE: Call Detail Records for VOIP Calls
North American VoIP billing tends to conform to the GR-1100 format spit out
by any Class 5 office. Back Office billing systems understand it and there
are a lot of operators who outsource billing to third parties that would
charge extra if billing records were delivered in some other format.
For voice over cable, the CableLabs PacketCable architecture has all core
elements (soft switches, media gateway controllers, media gateways, and
CMTSs) report events to a record keeping server (RKS) using RADIUS and
home-brew objects added to RADIUS messages to both debug the system and
generate billing records. Somewhere in the magic behind the RKS,
GR-1100-style billing records get kicked out. In practice, pretty much all
soft switches kick out GR-1100 billing records and there many deployments
don't actually use an RKS.
GR-1100 lets you embed extra data in the call record. What many vendors do
is log voice quality statistics as collected at the two endpoints of the
call. It gives operators a handle on packet loss, delay, and jitter
attributes.
I imagine that most VoIP PBX implementations use a more PBX-like CDR format.
There are dozens of permutations but most look something like the old AT&T
Dimension PBX CDR record. I haven't dealt with PBX billing record formats
in quite a while but it's unlikely that anybody is going to re-invent the
wheel. Pretty much all CDR systems kick out a record when the call starts,
when the call ends, whenever the user invokes a feature, and periodically
when the call has been up for a long period of time. In the dark ages, this
went out an RS-232 serial port but interconnect these days is more likely to
use telnet or FTP.
Geoff
----------------------------------------------------------------------
From: Robert Moskowitz <rgm at icsalabs.com>
Subject: Re: [VOIPSEC] RE: Call Detail Records for VOIP Calls
To: Mark Teicher <mht3 at earthlink.net>,voipsec at voipsa.org
Message-ID: <6.2.1.2.2.20050415173120.0385cbd0 at localhost>
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 03:50 PM 4/12/2005, Mark Teicher wrote:
>Has anyone dealt with configuration of Call Detail Records for VOIP
calls?
>What is the logging requirements for Sarbanes-Oxley regarding how CDR
>records are to be kept and what format??
How is this any different than CDR from the company PBX?
>Can call detail records be split into incoming and outgoing calls based
on
>trunk groups routing voice traffic and then re-assembled for
investigative
>reasons?
>What about parsing through call detail records for unusual calling
>patterns or duration based calls ??
>
>
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
------------------------------
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
End of Voipsec Digest, Vol 4, Issue 20
**************************************
More information about the Voipsec
mailing list