Lincolnshire, IL-based Sphere Communications just announced that the U.S. Department of Defense completed interoperability and information assurance testing of the company's IP-PBX enterprise telecommunications system, even bundling in its newly released Sphericall 4 Call Manager and Desktop software.
The Information Assurance test—the most rigorous security challenge known to date, is required to comply with federal government requirements and be readily available to the Department of Defense.
The Sphere configuration consists of Sphericall 4 software and VG3 media gateways.
"The quality of the Sphere architecture combined with their open standards approach and scalability will continue to put Sphere on the map." said Jeff Sinclair, vice president of Pacific Star Communications.
Pacific Star Communications, ("PacStar"), provides advanced network equipment and services to Federal clients. PacStar is a Sphere Certified Partner and delivers Sphere products to United States military and civilian agency customers through its extensive GSA (General Services Administration) schedule.
"The number of IP-based telecommunications products with the ability to complete the stringent testing for the Department of Defense is limited." said Sinclair, "Sphere is the only software-based IP-PBX to successfully complete these tests. We are excited to be able to provide this technology to our customers."
The Sphere system completed the PBX2 certification, under which the DoD's Joint Interoperability Test Command (JITC) has determined that the Sphere system meets critical interoperability requirements and achieves 99.999 percent reliability as defined in its Generic Switching Center Requirements (GSCR).
The testing process follows standards defined in the National Security Telecommunications and Information Systems Security Policy basing performance on:
- International Common Criteria (CC) for Information Security Technology Evaluation Mutual Recognition Arrangement;
- National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) validation program;
- National Security Agency (NSA) and NIST National Information Assurance Partnership (NIAP) evaluation and validation program; and
- Department of Defense policy and guidance for the protection of voice signaling and bearer traffic.
The testing crammed in a vulnerability assessment following NIAP guidelines on Network Security Testing. The test’s objective was to determine the resilience of a voice solution to common types of attacks such as denial of service (DOS), malformed packets, LAND-type attacks, etc. Several types of network security testing techniques employed include Network Mapping, Vulnerability Scanning, Penetration Testing, Security Test & Evaluation, Password Cracking, Log Reviews, File Integrity Checkers, Virus Detectors and War Dialing.
|Johanne Torres is the contributing editor for
TMCnet.com and Internet Telephony magazine. Previously, she was the
assistant editor for EContent magazine in Connecticut. She can be
reached by e-mail at firstname.lastname@example.org.
Purchase reprints of this article by calling (800) 290-5460 or buy them directly online at http://www.reprintbuyer.com/.
Respond to this