Light Reading
Startup aims to help service provider and enterprise CIOs secure and manage SIP applications

Covergence Banks on SIP Risks

Light Reading
News Analysis
Light Reading
8/22/2005
50%
50%

Massachusetts-based startup Covergence Inc. believes it has cooked up a cure for some of the risks associated with implementing new SIP-based applications (see SIP Guide).

With new session initiation protocol (SIP) applications like VOIP, instant messaging, and audio/video conferencing taking root at service providers, the operators need a way to secure and provide quality of service (QOS) for those applications, according to the startup, which was founded in 2003 and has raised $16 million in venture funding. Covergence is set to introduce a carrier-grade security and management solution (see Tekelec Reports Q2, Buys SIP Vendor). The product will serve as an early response system for SIP threats like hacking, spying, eavesdropping, spamming, hijacking, viruses, and denial-of-service attacks.

While Covergence isn’t letting go of many details prior to the launch, Light Reading has learned that the product consists of a series of network appliances that report SIP security and service availability problems to a central monitoring and control point (see Cisco IOS Hole Points to VOIP Threat).

The company and its VC backers believe many service providers and Fortune 2000 companies have bought into the SIP concept, but didn’t anticipate the new risk exposure. One investor says that as the SIP boom takes hold, security may have been overlooked.

"As SIP has become the de facto for messaging and other real-time applications, it has opened up a bunch of quality assurance, security, and administration issues,” says Sean Dalton, a partner at Highland Capital Partners, an investor in Covergence. “For companies that are just starting to implement IP, the issues of security and management just kind of go right over them... and then they call back six months later and say, ‘Now I get it.' "

SIP apps work differently than circuit-switched ones, explains Heavy Reading analyst at large Tim Hills. SIP uses in-band signaling, meaning that the signaling messages that control the system are transported by the same mechanism (IP packets) that transports the service media (like the voice channel for VOIP), Hills says in a recent Heavy Reading report (see SIP Guide).



The separation between signaling and media streams is logical, Hills says, not physical. This makes for an open architecture -- high on flexibility, but not inherently secure.

As such, Covergence's VP of marketing Rod Hodgman says, managing the risk isn’t easy. “It’s a hard road; you’ve got to look at interoperability, quality assurance, high availability, and confidentiality,” he says. “You’ve got internally launched virus attacks and even alleged attempts at corporate espionage." And all that, he notes, can happen behind the firewall.

Hodgman says attacks against SIP applications are not widespread today but will increase as the protocol becomes more established. For example, Hodgman says Microsoft Corp.'s (Nasdaq: MSFT) new, SIP-based Live Communications Server, is “extremely attractive” to Fortune 2000 companies, but security issues are hindering deployments.

“There are those that I know are sitting in the labs and trying to figure out how to deploy the solution,” Hodgman says. “What’s preventing that is the security and compliance officer." (See Microsoft Intros FMC Solution.) Asked if Covergence is in discussions to partner with Microsoft on the product, Hodgman pleads the Fifth.

So if this SIP security thing is such a glaring problem, new companies must be lining up to provide the fix for it, right?

“I suspect there are a lot of smaller companies flying under the radar right now -- Borderware has a product," Hodgman says. ’s product, SIPassure, is billed as a "SIP firewall." Others involved in the space include Radware Ltd. (Nasdaq: RDWR) and M5T.

Covergence's funding is led by Highland Capital and North Bridge Venture Partners. The company got a $6 million first round of funding in January 2004 and a second round worth $10 million in June 2005.

— Mark Sullivan, Reporter, Light Reading

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
Mark Sullivan
50%
50%
Mark Sullivan,
User Rank: Light Beer
12/5/2012 | 3:04:46 AM
re: Covergence Banks on SIP Risks
Hey friends, what do you think about this company? Are security issues really preventing the deployment of new SIP apps? Please post any insights you may have. Thanks. -Mark
Mark Sullivan
50%
50%
Mark Sullivan,
User Rank: Light Beer
12/5/2012 | 3:04:46 AM
re: Covergence Banks on SIP Risks
Hey friends, what do you think about this company. Are security issues really preventing the deployment of new SIP apps? -Mark
Flash Poll
From The Founder
It's clear to me that the communications industry is divided into two types of people, and only one is living in the real world.
LRTV Documentaries
Paul Bunyan's Giant Gigabit Plans

12|22|14   |   03:26   |   (0) comments


Gary Johnson, the CEO and GM of Minnesota rural operator Paul Bunyan Communications, discusses the company's 5,000-square-mile gigabit network rollout.
LRTV Interviews
CenturyLink: Building the Case for NFV

12|19|14   |   02:14   |   (0) comments


At the 2020 Vision Executive Summit, James Feger, VP, Network Strategy & Development at CenturyLink, talks about how the US operator is approaching virtual network functions from an operational and business case perspective.
LRTV Interviews
Liberty Global Sees Business Goldmine

12|18|14   |     |   (0) comments


Steen Sorensen, VP of business services for Liberty Global, explains where the giant international MSO sees growth potential.
LRTV Documentaries
EE: The Road to 5G

12|16|14   |   16:02   |   (1) comment


Andy Sutton, the principal network architect at UK mobile operator EE, explains how his company is using Wembley stadium as a wireless test bed and how that's helping EE to plan the evolution to 5G.
LRTV Huawei Video Resource Center
Highlights of Huawei's NFV Open Cloud Forum 2014

12|16|14   |     |   (0) comments


Huawei hosted its inaugural NFV Open Cloud Forum during the SDN & OpenFlow World Congress 2014 in Düsseldorf, Germany. The Forum brought together technology thought leaders, senior executives and telecom professionals from global carriers, industry associations, as well as other partner companies in the ecosystem, to exchange views on and collectively explore how ...
LRTV Custom TV
Realizing Operators' Digital Vision

12|16|14   |   5:23   |   (0) comments


Leveraging technology is fundamental to digital transformation but understanding customers and serving them really well is at the heart of digital businesses. TM Forum lists the following as the strategic pillars of the digital business: business agility and rapid innovation, operational agility and effectiveness, IT and data centricity, plus customer centricity. ...
LRTV Documentaries
US Cellular Injects Analytics Into LTE

12|16|14   |   2:57   |   (1) comment


US Cellular's Mario Vela explains how the operator uses analytics for network planning and what comes next as the carrier looks to eke more value out of its metrics.
LRTV Interviews
How Cox Biz Plans to Keep Growing

12|15|14   |     |   (2) comments


Steve Rowley, SVP of Cox Business, details how the third-biggest US MSO intends to boost its revenues to $2 billion and beyond over the rest of the decade
LRTV Huawei Video Resource Center
Interview With Bill Zhang, Director of SoftCOM Product Management, Huawei

12|15|14   |   2:50   |   (0) comments


Bill Zhang elaborated on Huawei's open philosophy in NFV solution development and network architecture design at the SDN & OpenFlow World Congress 2014.
LRTV Huawei Video Resource Center
Event Highlights: Huawei at SDN & OpenFlow World Congress 2014

12|15|14   |   3:43   |   (0) comments


Huawei joined the 2014 SDN & OpenFlow Congress as one of the key sponsors and contributors. At the event, Huawei reinforced the openness and flexibility of its network infrastructure strategies, and provided updates on its SDN and NVF innovations. Through participations at the exhibitions, forums and speeches, Huawei encouraged the industry to "think bigger and ...
LRTV Interviews
How Cable Biz Services Hit $10B Mark

12|12|14   |     |   (1) comment


Cable operators reached $10 billion in annual business services revenues by delving deeper into their vertical markets and expanding beyond the smallest firms.
LRTV Documentaries
Mediacom Aims to Test Connected Tractors

12|11|14   |   05:07   |   (3) comments


Cable business service provider is taking its services to the 'agribusiness' sector in partnership with farm equipment specialist John Deere and is getting involved in Gigabit Cities developments.
Upcoming Live Events
February 10, 2015, The Westin Peachtree Plaza, Atlanta, GA
March 17, 2015, The Cable Center, Denver, CO
April 14, 2015, The Westin Times Square, New York City, NY
May 6, 2015, McCormick Convention Center, Chicago, IL
May 13-14, 2015, The Westin Peachtree, Atlanta, GA
June 9-10, 2015, Chicago, IL
Hot Topics
T-Mobile, BlackBerry Flirt With Reuniting
Sarah Reedy, Senior Editor, 12/17/2014
1-Gig: Coming to a Small Town Near You
Jason Meyers, Senior Editor, Gigabit Cities/IoT, 12/17/2014
Comcast Launches 4K Streaming Service
Alan Breznick, Cable/Video Practice Leader, 12/18/2014
Google Steering Android Towards Cars – Report
Dan Jones, Mobile Editor, 12/19/2014
US Carriers, You're Going to Cuba!
Mitch Wagner, West Coast Bureau Chief, Light Reading, 12/18/2014
Like Us on Facebook
Twitter Feed
Webinar Archive