Are Cloud Communications Secure Enough for Mission Critical Government Voice Networks?

We’re now more than a decade into advancing cloud computing within the U.S. Federal Government, with mandates to modernize IT infrastructure and applications, and reduce costs even as pressure continues to mount, particularly when it comes to securing data and confidential information across hundreds of agencies with a massive number of public service employees.

According to CIO.GOV, “Advances in technology, such as cloud and mobile, are transforming how agencies deliver and consume information technology (IT) services. Federal CIOs have opportunities as never before to enable agency mission delivery, improve customer service, maximize return-on-investment, and support emerging needs.”

Under the umbrella of the Digital Government Strategy the U.S government is “securely architecting our systems for interoperability and openness from conception, unleashing the power of Government data and reducing barriers to citizen and business interaction with the Government.”

Cloud adoption for computing, storage, web applications and more has been underway, and arguably very successful, contributing to growth of U.S. and other companies including IBM, AWS, Microsoft, and many more.

For example, “The IBM Cloud gives government agencies the freedom to innovate with new technologies and modernize legacy applications without lock-in and massive rework,” according to IBM.

“Built on open standards, the FedRAMP certified cloud optimizes for security, performance and flexibility by matching workloads to the deployment model best suited for government's unique requirements.”

FedRAMP certification is run by the Federal Risk and Authorization Management Program, a government-wide service that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. According to the program, “FedRAMP enables Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT.”

It’s no wonder cloud is working within the Federal government, and in state, local and regional government as well. Less expensive processors, faster and more secure networks, and the productivity associated with more and more mobile devices are driving innovation while reducing costs.

Cloud computing is making digital transformation of government agencies possible, and as the Internet led to the creation of disruptive new business models 20 years ago, cloud computing is now disrupting everything.
 

This includes voice networking.

Voice delivered over secure clouds is the future for not only large enterprises (completing changing, for example, the economics of contact centers and more) but for the Federal government in particular given the dispersed nature of operations.

With constant pressure to achieve significant cost, agility and innovation benefits of cloud computing, and the drive towards higher utilization of assets, more unified and controllable networks, less fragmentation, and the “red tape” that leads to long procurement cycles and contracting procedures, the U.S. Federal government is now also looking at migrating it’s massive fixed-line “phone systems” to the cloud through greater adoption of VoIP.

One equivalent to the FedRAMP certification program in the voice world is Joint Interoperability Testing Command (JITC) certification by the U.S. Department of Defense’s (DoD) Defense Information Systems Agency (DISA).

Earlier this year, Ribbon Communications announced its largest “carrier grade” session management technologies and equipment earned this hard-won certification, with VoIP management and migration solutions that improve security and performance, while reducing costs.

Ribbon is a fast-growing global company continuously implementing a consolidation strategy in the world of VoIP, having most recently acquired Edgewater Networks, after combining GENBAND and Sonus to become the market share leader in session management services.

The company announced that its Session Border Controller 7000 (SBC 7000) and G5 Media Gateway have achieved JITC certification and are now available on the Approved Products List (APL).

In a press release, the company said, “Ribbon’s carrier-grade scale enables the DoD to substantially reduce power, floor space, and maintenance costs. The SBC 7000 and G5 Media Gateway join an extensive line of Ribbon products already on the DISA Approved Products List including the SBC Software Edition (SWe), SBC 5110, SBC 5210, Voice Exchange 900 (VX 900) and the Application Server (as both an Enterprise and Local Session Controller).”

What wasn’t revealed in this particular announcement how cloud-based VoIP projects were progressing, the latest announcement came on the heels of earlier news that Ribbon, working with Verizon, also supported the DoD’s Everything Over IP initiative by migrating one if its key agencies to a unified communications (UC) platform. “In doing so, the DoD replaced two legacy systems with a single next generation solution,” the press release stated.

The Department of Defense made the decision to move to Unified Communications to replace its aging infrastructure while keeping in mind unique security demands. Using Ribbon Communication’s JITC-certified Application Server for the deployment, the department was able to replace the core of its communications infrastructure while leveraging its existing endpoints and using standards-based technology going forward. The cost and time required to integrate this option were significantly less than implementing an entirely new solution.

Ribbon also announced earlier this year that the DoD had completed one of the largest Voice Over IP (VoIP) deployments in DoD’s history leveraging Ribbon’s Joint Interoperability Test Command (JITC)-certified Application Server.

“We have been working closely with the Department of Defense and our solutions partners for several years to meet the demanding requirements of DoD deployments,” said Steven Bruny, Executive Vice President of Global Operations for Ribbon Communications. “It is very rewarding for our team and our partners to have successfully completed a migration of this magnitude. We believe it is a reflection of our commitment to standards and innovation and are pleased that we could provide DoD a path forward without having to start over.”

Federal IT modernization is top of mind for most agencies, and it appears voice is a huge focus given the costs to maintain legacy “phone systems” and the opportunities to improve productivity and network security using IP-based solutions.

Old phone systems, while reliable for a hundred years, have limited features and don’t fully support modern devices for effective collaboration and communication.

It appears Ribbon is contributing to the evolution to cloud communications on nearly every layer of the real time communications stack.

“The JITC certification of our SBC 7000 and G5 Media Gateway are the latest examples of our ongoing commitment to providing the DoD with the most extensive set of carrier-grade, best-in-class security and voice communications solutions,” said William Hartwell, Vice President, U.S. Federal Government Area, Ribbon Communications. “The G5 Media Gateway works in perfect harmony with our certified Application Server and third-party solutions. Adding the SBC 7000 means that nearly all of our core Session Border Controller solutions are now available on the DISA APL. We are extremely proud of the fact that Ribbon is one of the only vendors in the industry to have received certifications for both virtual and appliance-based solutions.”

“We are continually investing in DISA solutions and clearly leading the market in providing the latest in security and VoIP application technology to the DoD,” said Kevin Riley, Chief Technology Officer at Ribbon and Technical Contact for the National Security Telecommunications Advisory Committee (NSTAC). “Securing communications infrastructure is top of mind with our customers and our products play a critical role towards this end. We take this responsibility very seriously and this solution certification reflects our focus on bringing industry-leading security capabilities to market.”

Riley added, “Our comprehensive set of voice communications and security solutions allow us to scale and secure the smallest of enterprises up to the largest of deployments such as the Department of Defense.”

We’ll continue to follow the progress of the massive, multilateral government network transformation projects, paying attention to how what is arguably the most powerful application of all – live human voice conversations – can be improved, secured and made more cost efficient, in some of the largest institutions of all.

Arti Loftus is an experienced Information Technology specialist with a demonstrated history of working in the research, writing, and editing industry with many published articles under her belt.

Edited by Maurice Nagle