& cplSiteName &

Covergence Banks on SIP Risks

Light Reading
News Analysis
Light Reading
8/22/2005
50%
50%

Massachusetts-based startup Covergence Inc. believes it has cooked up a cure for some of the risks associated with implementing new SIP-based applications (see SIP Guide).

With new session initiation protocol (SIP) applications like VOIP, instant messaging, and audio/video conferencing taking root at service providers, the operators need a way to secure and provide quality of service (QOS) for those applications, according to the startup, which was founded in 2003 and has raised $16 million in venture funding. Covergence is set to introduce a carrier-grade security and management solution (see Tekelec Reports Q2, Buys SIP Vendor). The product will serve as an early response system for SIP threats like hacking, spying, eavesdropping, spamming, hijacking, viruses, and denial-of-service attacks.

While Covergence isn’t letting go of many details prior to the launch, Light Reading has learned that the product consists of a series of network appliances that report SIP security and service availability problems to a central monitoring and control point (see Cisco IOS Hole Points to VOIP Threat).

The company and its VC backers believe many service providers and Fortune 2000 companies have bought into the SIP concept, but didn’t anticipate the new risk exposure. One investor says that as the SIP boom takes hold, security may have been overlooked.

"As SIP has become the de facto for messaging and other real-time applications, it has opened up a bunch of quality assurance, security, and administration issues,” says Sean Dalton, a partner at Highland Capital Partners, an investor in Covergence. “For companies that are just starting to implement IP, the issues of security and management just kind of go right over them... and then they call back six months later and say, ‘Now I get it.' "

SIP apps work differently than circuit-switched ones, explains Heavy Reading analyst at large Tim Hills. SIP uses in-band signaling, meaning that the signaling messages that control the system are transported by the same mechanism (IP packets) that transports the service media (like the voice channel for VOIP), Hills says in a recent Heavy Reading report (see SIP Guide).



The separation between signaling and media streams is logical, Hills says, not physical. This makes for an open architecture -- high on flexibility, but not inherently secure.

As such, Covergence's VP of marketing Rod Hodgman says, managing the risk isn’t easy. “It’s a hard road; you’ve got to look at interoperability, quality assurance, high availability, and confidentiality,” he says. “You’ve got internally launched virus attacks and even alleged attempts at corporate espionage." And all that, he notes, can happen behind the firewall.

Hodgman says attacks against SIP applications are not widespread today but will increase as the protocol becomes more established. For example, Hodgman says Microsoft Corp.'s (Nasdaq: MSFT) new, SIP-based Live Communications Server, is “extremely attractive” to Fortune 2000 companies, but security issues are hindering deployments.

“There are those that I know are sitting in the labs and trying to figure out how to deploy the solution,” Hodgman says. “What’s preventing that is the security and compliance officer." (See Microsoft Intros FMC Solution.) Asked if Covergence is in discussions to partner with Microsoft on the product, Hodgman pleads the Fifth.

So if this SIP security thing is such a glaring problem, new companies must be lining up to provide the fix for it, right?

“I suspect there are a lot of smaller companies flying under the radar right now -- Borderware has a product," Hodgman says. ’s product, SIPassure, is billed as a "SIP firewall." Others involved in the space include Radware Ltd. (Nasdaq: RDWR) and M5T.

Covergence's funding is led by Highland Capital and North Bridge Venture Partners. The company got a $6 million first round of funding in January 2004 and a second round worth $10 million in June 2005.

— Mark Sullivan, Reporter, Light Reading

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Mark Sullivan
50%
50%
Mark Sullivan,
User Rank: Light Beer
12/5/2012 | 3:04:46 AM
re: Covergence Banks on SIP Risks
Hey friends, what do you think about this company? Are security issues really preventing the deployment of new SIP apps? Please post any insights you may have. Thanks. -Mark
Mark Sullivan
50%
50%
Mark Sullivan,
User Rank: Light Beer
12/5/2012 | 3:04:46 AM
re: Covergence Banks on SIP Risks
Hey friends, what do you think about this company. Are security issues really preventing the deployment of new SIP apps? -Mark
Featured Video
From The Founder
Light Reading is spending much of this year digging into the details of how automation technology will impact the comms market, but let's take a moment to also look at how automation is set to overturn the current world order by the middle of the century.
Flash Poll
Upcoming Live Events
November 1, 2017, The Royal Garden Hotel
November 1, 2017, The Montcalm Marble Arch
November 2, 2017, 8 Northumberland Avenue, London, UK
November 2, 2017, 8 Northumberland Avenue – London
November 10, 2017, The Westin Times Square, New York, NY
November 16, 2017, ExCel Centre, London
November 30, 2017, The Westin Times Square
May 14-17, 2018, Austin Convention Center
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Muni Policies Stymie Edge Computing
Carol Wilson, Editor-at-large, 10/17/2017
'Brutal' Automation & the Looming Workforce Cull
Iain Morris, News Editor, 10/18/2017
Is US Lurching Back to Monopoly Status?
Carol Wilson, Editor-at-large, 10/16/2017
Pai's FCC Raises Alarms at Competitive Carriers
Carol Wilson, Editor-at-large, 10/16/2017
Worried About Bandwidth for 4K? Here Comes 8K!
Aditya Kishore, Practice Leader, Video Transformation, Telco Transformation, 10/17/2017
Animals with Phones
Selfie Game Strong Click Here
Latest Comment
Live Digital Audio

Understanding the full experience of women in technology requires starting at the collegiate level (or sooner) and studying the technologies women are involved with, company cultures they're part of and personal experiences of individuals.

During this WiC radio show, we will talk with Nicole Engelbert, the director of Research & Analysis for Ovum Technology and a 23-year telecom industry veteran, about her experiences and perspectives on women in tech. Engelbert covers infrastructure, applications and industries for Ovum, but she is also involved in the research firm's higher education team and has helped colleges and universities globally leverage technology as a strategy for improving recruitment, retention and graduation performance.

She will share her unique insight into the collegiate level, where women pursuing engineering and STEM-related degrees is dwindling. Engelbert will also reveal new, original Ovum research on the topics of artificial intelligence, the Internet of Things, security and augmented reality, as well as discuss what each of those technologies might mean for women in our field. As always, we'll also leave plenty of time to answer all your questions live on the air and chat board.

Like Us on Facebook
Twitter Feed
Partner Perspectives - content from our sponsors
The Mobile Broadband Road Ahead
By Kevin Taylor, for Huawei
All Partner Perspectives