Authors Mark Lindsey
SMTS at ECG


Cybersecurity Notice on ECG Software Alpaca regarding Spring Vulnerabilities [UPDATED]

Notice relating to Alpaca changes due to the Spring vulnerabilities CVE-2022-22965 and CVE-2022-22947.


Poly CCX phones - A new option with proven software

The Poly CCX phones with support for standard SIP provide an interesting new option for SIP devices, using mature software. This brings huge advantages for Service Providers and enterprises looking to add a new device but with proven code.


Analysis of CVE-2021-44228 log4 Vulnerability for ECG Software

We describe which versions of ECG software include the log4j software and how to manage risk.


Q&A: Do I need SHAKEN/STIR on a simple network? Understanding Intra-Network Tagging

Do we really need to do SHAKEN/STIR on a super-simple network? And what's the point of intra-network SHAKEN/STIR?


Top News from the World of BroadWorks

News on shrinking and expansion of the BroadWorks marketplace, dominated by growth at Verizon, Vonage, TPX, and Evolve IP. New BroadWorks integrations on network management, call recording, Kakapo, TekVizion, Yealink, and Snom. And updates from Cisco.


Managing Production Server Operating Systems - the CentOS Case Study

Operating System selections in Service Provider networks are Key decisions. We examine some of the big factors everyone should consider in choosing operating systems and use the December 2020 policy change announced by Red Hat as an example Case Study, with special attention to compatibility with the Cisco BroadWorks calling platform.


What's the Top News on Cisco BroadWorks - December 2020

New Briefs on BroadWorks popularity, System Management, Automation, Enhancements for IMS Providers, Call Center, Device Management, Webex, and Compliance.


Defend the BroadWorks XSP from Device Management Scanning Attacks

Cisco BroadWorks Device Management (DMS) servers are under continuous attack, as bad actors seek to access SIP Device configuration details. They use ths configurations to compromise the service, committing toll fraud, including traffic pumping costing millions of dollars per year. This article explains defensive approaches and gives a complete configuration to mitigate these attacks using a free, open source tool.


Troubleshooting Common Problems with SIP Signaling Delivery

Tips for Troubleshooting and Identifying some of the most common problems with SIP Signaling Delivery: Fragmentation, Retransmission, Symmetrical Signaling, SIP ALGs, and Busy Lamp Field (BLF).


SIP Registration with Authentication - Excerpt from ECGT2010 Training

Learn how SIP registration with authentication is performed in the presence of a Session Border Controller. Join ECG for live training to strengthen your SIP knowledge and earn a certificate from ECG.


How the NIST Cybersecurity Framework Supports Fighting Telecom Fraud

The NIST Cybersecurity Framework is applied to assess and improve security defenses in Civilian government organizations and many enterprises. It can be used as a tool developing your Telecom / VoIP / Voice Fraud defenses.


SIP Forum's Virtual SHAKEN/STIR Summit

The SIP Forum is hosting a STIR/SHAKEN Virtual Summit, with presentations from AT&T, Comcast, Metaswitch, TransNexus, Ribbon, and others.


Viewpoint on Metaswitch and Microsoft

The Microsoft-Metaswitch acquisition had been long in the making. What's behind it? And what does it bode for today's Metaswitch operators?


SHAKEN/STIR: Quick Insights from an FCC Proposal to Fight Robocalling

The FCC's Notice of Proposed Rulemaking gives helpful insight for Service Providers fighting robocalling and implementing SHAKEN/STIR.


Office. Home. Distributed. Effective.

How ECG maximizes effectiveness with a widely distributed workforce in a mixture of office and home environments.